[JDEV] iq:auth question
Iain Shigeoka
iainshigeoka at yahoo.com
Wed Feb 20 17:44:49 CST 2002
On 2/20/02 6:05 AM, "- zad -" <zadk at mynet.com> wrote:
> Could someone tell me why we are sending username in iq:auth If we are
> querying host as to what information is required ?
>
> <iq type="get" id="i_auth_001">
> <query xmlns="jabber:iq:auth">
> <username>juser</username>
> </query>
> </iq>
For zero-knowledge (0k) authentication the client must know what the current
sequence and token values are for the account in order to generate the
proper hash value. In addition, the server may allow/require different
authentication protocols depending on the account you're using... So:
<iq type="get" id="i_auth_001">
<query xmlns="jabber:iq:auth">
<username>joe_user</username>
</query>
</iq>
<iq type="result" id="i_auth_001">
<query xmlns="jabber:iq:auth">
<username>joe_user</username>
<password/>
<digest/>
</query>
</iq>
<iq type="set" id="i_auth_002">
<query xmlns="jabber:iq:auth">
<username>joe_user</username>
<password>mypass</password>
<resource>mobile_phone</resource>
</query>
</iq>
<iq type="result" id="i_auth_002"/>
Joe_user may authenticate using plain (<password>) or digest (<digest>)
authentication. However we're stricter with the administrator account.
<iq type="get" id="i_auth_001">
<query xmlns="jabber:iq:auth">
<username>admin</username>
</query>
</iq>
<iq type="result" id="i_auth_001">
<query xmlns="jabber:iq:auth">
<username>admin</username>
<sequence>69</sequence>
<token>24ab423c323d323ac</token>
</query>
</iq>
<iq type="set" id="i_auth_002">
<query xmlns="jabber:iq:auth">
<username>admin</username>
<hash>03923ad323fa13231424d</hash>
<resource>solaris_pop</resource>
</query>
</iq>
<iq type="result" id="i_auth_002"/>
-iain
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
More information about the JDev
mailing list