[jdev] Scope of current RFC3920 SASL implementation
Dirk Meyer
dmeyer at tzi.de
Sun Jan 25 11:23:51 CST 2009
Richard Smith wrote:
> I've read through the SASL sections, and it doesn't actually say that
> the authentication scheme cannot be used in-band to communicate with a
> remote host?
>
> So, I know it's probably unsupported by most if not all the clients, but
> is it possible to re-use SASL namespaces to authenticate a user against
> a remote XMPP component using SASL?
Thinking of web services connected over XMPP, this sounds useful. Maybe
we can define some sort of SASL in IQ stanzas. But this will be an
insecure connection. Maybe you want to use E2E security in this use
case.
Dirk
--
This is Linux country. If you listen carefully, you can hear Windows
reboot...
More information about the JDev
mailing list