====== mod_saslauth ======

Allows users to log in.

===== Details =====

mod_saslauth implements the standard SASL protocol according to the guidelines in [[http://xmpp.org/rfcs/rfc6120.html#sasl|RFC6120]].

===== Usage =====

<code lua>
    modules_enabled = {
        -- Other modules
        "saslauth"; -- Enable mod_saslauth
    }
</code>
===== Configuration =====

^ Option             ^ Default ^ Notes ^
| c2s_require_encryption | false | Whether to force all client-to-server streams are encrypted before allowing authentication |
| require_encryption | false | DEPRECATED - Currently used as a fallback value, recommended to use c2s_require_encryption |
| anonymous_login | false | If set to true, anonymous users will be allowed to login in and authentication disabled. This also disables server-to-server communication |
| allow_unencrypted_plain_auth | false | Whether to allow passwords to be send in the plain |

==== Cyrus SASL integration ====

In Prosody 0.7 mod_saslauth also handled Prosody's [[:doc:cyrus_sasl|Cyrus SASL]] integration. From Prosody 0.8 this support is now in its own authentication module, [[:doc:modules:mod_auth_cyrus]]. Documentation for all versions has been moved to our [[:doc:cyrus_sasl|Cyrus SASL documentation page]].

===== Example =====

<code lua>
    modules_enabled = {
        -- Other modules
        "saslauth"; -- Enable mod_saslauth
    }
    
    c2s_require_encryption = true
    anonymous_login = false
    allow_unencrypted_plain_auth = false
</code>