[jdev] jabber:iq:auth in the component:accept namespace?

Katz, Dov B (IT) Dov.Katz at morganstanley.com
Thu Aug 18 06:53:18 CDT 2005 

This is long, and it's early, so if it doesn't make sense, don't be
angry with me....

You can do this if you write a component which creates and maintains
sessions.

I do this in 1.4.x for a web-based jabber client, where the webapp makes
a component connection to the server, and then brings sessions online
and routes traffic etc.  It would be the same if you wanted to write
your own external socket acceptor and accept jabber traffic on other
ports.  It's a great way to scale up the number of concurrent
connections since the select loops over client connections is out of
process.  

The only thing I've found is that I need to have a successful auth
before I can bring a session up.  In our case, that's fine since I wrote
the external auth component as well:

Here's what I do:

Let's call my jabber server dovkatz.com

I have ldapauth.dovkatz.com which is an external "accept" component
handling auth.  This was possible in jabberd 1.4.2x by having
<auth>jid</auth> in the config... So first you make your own unique JIDs
up for your local component's "user sessions".  This allows you to
segregate incoming routed traffic.

Then you'll want to process/send route[@type=auth] packets  with the iq
set for auth (addressed directly to the user's real jabber jid, from
your local internal jid).  Handle the auth result.  

After that, you can send a route[@type=session] from the internal JID
for that user, to the real jabber jid of that user.  You will get a
route[@type=session] response to your internal JID, from the "Session
Handle" (usually real-username at real-servername/HEX-HASHCODE).  All
future packets must be routed to that Handle in order for them to appear
to originate from the user.

When you send or receive a route[@type=error] to/from the Handle, it
will destroy the session, or if received, notify you that it was
destroyed.

So basically, any app which has a component connection to the server can
bring up its own sessions on the server....

BE CAREFUL, b/c if your external process dies there is no way to bring
the sessions you made offline unless you remember what handles were sent
to you, or you log in as the user again with the same resource, bouncing
the previous instance.

Here is my log transcript (servername renamed) of my web-IM component...
I wrote a java framework for making external sessionvmanagement easy in
1.4.x jabberd implementations. If I can open source it, I will... (its
difficult to get approval for these types of things).


SEND:
 <route to="dovkatz at dovkatz.com/super"
from="someCustomJID at webclients.dovkatz.com/SomeResource" id="CTG-C2S-0"
type="auth">
 <iq to="dovkatz at dovkatz.com/super" id="189" type="set">
  <query
xmlns="jabber:iq:auth"><username>dovkatz</username><password>*******</pa
ssword><resource>super</resource>
  </query>
 </iq>
 </route>

RECV:
 <route to="someCustomJID at webclients.dovkatz.com/SomeResource"
from="ldapauth.dovkatz.com" id="CTG-C2S-0" type="auth">
 <iq id="189" type="result"><query
xmlns="jabber:iq:auth"><username>dovkatz</username><resource>super</reso
urce></query>
 </iq>
 </route>

SEND:
 <route to="dovkatz at dovkatz.com/super"
from="someCustomJID at webclients.dovkatz.com/SomeResource" id="190"
type="session"></route>

RECV:
 <route to="someCustomJID at webclients.dovkatz.com/SomeResource"
from="dovkatz at dovkatz.com/2B20C78" id="190" type="session"></route>

SEND:
 <route to="dovkatz at dovkatz.com/2B20C78"
from="someCustomJID at webclients.dovkatz.com/SomeResource"
id="CTG-C2S-2"><iq id="CTG-C2S-1" type="get"><query
xmlns="jabber:iq:roster"></query></iq></route>


-----Original Message-----
From: jdev-bounces at jabber.org [mailto:jdev-bounces at jabber.org] On Behalf
Of Konstantin Klyagin
Sent: Thursday, August 18, 2005 6:48 AM
To: Jabber software development list
Subject: Re: [jdev] jabber:iq:auth in the component:accept namespace?

On Thu, Aug 18, 2005 at 11:42:09AM +0100, Richard Dobson wrote:

> Another solution you might want to look into is using the component 
> protocol to connect to the server depending on what you are trying to 
> do this might work for you:
> http://www.jabber.org/jeps/jep-0114.html

Thanks, I did read this document. Apart from pretending a user, my
component does some component-specific things, so the choice of the
technology was right. But since it allows me to talk to IM gateways and
login under different user IDs to them, I wonder why not let a component
pretend to be a Jabber user as well. Otherwise, would I need a Jabber
gateway for Jabber? :) Just like I have for ICQ, Yahoo!, MSN and other
networks.

--
konst at http://thekonst.net/
_______________________________________________
jdev mailing list
jdev at jabber.org
http://mail.jabber.org/mailman/listinfo/jdev
--------------------------------------------------------

NOTICE: If received in error, please destroy and notify sender.  Sender does not waive confidentiality or privilege, and use is prohibited.

More information about the JDev mailing list