[jdev] RE: [Standards-JIG] Call for Experience:JEP-0078(Non-SASLAuthentication)

Heiner Wolf wolf at bluehands.de
Mon Sep 27 02:52:47 CDT 2004 

Hello

Some client have a "register automatically if the username does not
exist" feature. How is the client supposed to learn that a username 
does not exist? 

JEP-0078 "3.1 User Authenticates with Server" says:
If there is no such username, the server SHOULD NOT return an error, but
instead SHOULD return the normal authentication fields (this helps to
prevent unknown users from discovering which usernames are in use). 

Ejabberd does this according to JEP-0078, but jabberd 1.4.3 returns an
error, if the user name does not exist. Am I right that jabberd is not 
JEP-0078 compliant? Is there any way to be JEP-0078 compliant AND 
to support "register automatically if the username does not exist"?

jabberd 1.4.3:
-------------

C->S: <iq id='7d8f0612d5ce' type='get'>
        <query xmlns='jabber:iq:auth'>
          <username>wolfspelzx</username>
        </query>
      </iq>

S->C: <iq id='7d8f0612d5ce' type='error'>
        <query xmlns='jabber:iq:auth'>
          <username>wolfspelzx</username>
        </query>
        <error code='401'>Unauthorized</error>
      </iq>

ejabberd:
---------

C->S: <iq id='fa596e59e336' type='get'>
        <query xmlns='jabber:iq:auth'>
          <username>wolfspelzx</username>
        </query>
      </iq>

S->C: <iq type='result' id='fa596e59e336'>
        <query xmlns='jabber:iq:auth'>
          <username>wolfspelzx</username><password/><digest/><resource/>
        </query>
      </iq>

C->S: <iq id='f52219ef8e9c' type='set'>
        <query xmlns='jabber:iq:auth'>
          <username>wolfspelzx</username>
          <digest>a9f39631c300ee32ebcdc8225aac972381c5401d</digest>
          <resource>67e7535a2fd0</resource>
        </query>
      </iq>

S->C: <iq type='error' id='f52219ef8e9c'>
        <query xmlns='jabber:iq:auth'>
          <username>wolfspelzx</username>
          <digest>a9f39631c300ee32ebcdc8225aac972381c5401d</digest>
          <resource>67e7535a2fd0</resource>
        </query>
        <error code='403' type='auth'>
          <forbidden xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
        </error>
      </iq>

Regards
hw
--
Dr. Klaus H. Wolf
bluehands GmbH & Co.mmunication KG
http://www.bluehands.de/people/hw
+49 (0721) 16108 75
--
Jabber enabled Virtual Presence on the Web: http://www.lluna.de/
Open Source Future History: http://www.galactic-developments.com/

More information about the JDev mailing list