[jdev] Re: S2S and SASL

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Fri Jul 29 03:41:38 CDT 2005


On Thursday 28 July 2005 11:51 pm, Vinod Panicker wrote:
> The RFC is silent about the unidirectional communication being
> permitted before the connection pair is successfully negotiated (for
> dialback).  Although, it does state the following - "Therefore, server
> dialback MUST be completed in each direction in order to enable
> bi-directional communications between two domains".

You want section 4.2:

"In the context of server-to-server communications, a server MUST use one TCP 
connection for XML stanzas sent from the server to the peer and another TCP 
connection (initiated by the peer) for stanzas from the peer to the server, 
for a total of two TCP connections."

> As per current discussion, I'm assuming the implementation to be such -
>
> - SASL negotiation should happen for each individual s2s connection to
> enable bi-directional communication.
> - Data can be sent over a successfully SASL-negotiated connection in a
> uni-directional fashion.

Yep.

> Now, what are the steps to consider in case of the following -
>
> - SASL negotiation succeeds on an s2s connection and the initiating
> entity sends some data over it.
> - SASL negotiation fails for the second s2s connection.
>
> What will happen in case of the above?

Failed s2s connections can happen at any time, SASL or not.  I don't think a 
failed inbound s2s connection should have any effect on established s2s 
connections.  So in your example you'd be stuck with a one-way channel.

-Justin



More information about the JDev mailing list