Comment 2 for bug 1217949

I'd have thought Oauth would be the way to go, especially if we can get a generic helper plugin that supports it, and that other plugins can use.

How the identification is done needs to be pluggable as well (ie how we map a username to a JID). Ideally the authentication would be too, with LDAP as an option.

In the past, we've used ProcessProtocol and the ldap CLIs to do the auth. I once found a library (I think called ldaptor) that was a twisted library for direct access.