[jdev] No realm from server

[Kurt Zeilenga]

On Nov 9, 2009, at 5:24 AM, Sebastiaan Deckers wrote:

> Both RFC2831 (Digest SASL) and RFC3920 (XMPP Core) do not specify  
> what the realm should be treated as by the client if it is missing  
> from the challenge.
>

RFC 2831 says about the server's advertise of realms:

       This directive is
       optional; if not present, the client SHOULD solicit it from the
       user or be able to compute a default; a plausible default might  
be
       the realm supplied by the user when they logged in to the client
       system. Multiple realm directives are allowed, in which case the
       user or client must choose one as the realm for which to supply  
to
       username and password.

and says this about the client's response:

       The realm containing the user's account. This directive is
       required if the server provided any realms in the
       "digest-challenge", in which case it may appear exactly once and
       its value SHOULD be one of those realms. If the directive is
       missing, "realm-value" will set to the empty string when  
computing
       A1 (see below for details).

If the server provides one realm, use that.
If the server provides none: the client should ask the user for it and  
if the user provides one, use that.  Otherwise none.   (If you want to  
suggest one for the client to use, suggest the domain of the user's  
JID.)
If the server provides multiple: the client should choose which to use.