[jdev] sasl help
Jacob Wright
jacwright at gmail.com
Tue Oct 23 02:25:59 CDT 2007
I'm working on the DIGEST-MD5 SASL authentication and feel like I'm doing it
perfectly, but my server is telling me I've got an incorrect auth for the
right username and password. This is in Flash's ActionScript. Can you spot
anything obvious I'm doing wrong?
I really appreciate it. Thanks!
Jacob Wright
base64decoder.decode(packet.toString());
bytes = base64decoder.flush();
var dataStr:String = bytes.readUTFBytes(bytes.bytesAvailable);
// transcode the string into an object
var data:Object = stringToObject(dataStr);
// set up the return object which will be transcoded into a string later
var obj:Object = {};
obj.username = username;
obj.realm = data.realm;
obj.nonce = data.nonce;
obj.charset = "utf-8";
obj["digest-uri"] = "xmpp/" + (conn.domain || conn.host);
if (data.algorithm)
obj.algorithm = data.algorithm;
obj.nc = "00000001";
if (data.qop)
obj.qop = "auth";
obj.cnonce = conn.generateId();
var a1:String, a2:String;
a1 = MD5.hash(obj.username + ":" + obj.realm + ":" + password) + ":" +
obj.nonce + ":" + obj.cnonce;
a2 = "AUTHENTICATE:" + obj["digest-uri"];
var response:String;
if (obj.qop)
response = MD5.hash(MD5.hash(a1) + ":" + obj.nonce + ":" + obj.nc + ":" +
obj.cnonce + ":" + obj.qop + ":" + MD5.hash(a2));
else
response = MD5.hash(MD5.hash(a1) + ":" + obj.nonce + ":" + MD5.hash(a2));
obj.response = response;
var resultStr:String = objectToString(obj);
base64encoder.encode(resultStr);
resultStr = base64encoder.flush();
var result:XML = <response xmlns={saslNS}>{resultStr}</response>;
conn.send(result);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.jabber.org/jdev/attachments/20071023/fc73498a/attachment-0002.htm>
More information about the JDev
mailing list