[jdev] SASL Alternate JID example.

Mason, Matt Matt.Mason at agilysys.com
Thu May 27 17:02:54 CDT 2010 

In RFC 3920, section 6.1. Use of SASL/ overview - under rules; rule 7:
7.   If the initiating entity wishes to act on behalf of another  entity
and the selected SASL mechanism supports transmission of an
authorization identity, the initiating entity MUST provide an
authorization identity during SASL negotiation.  If the initiating
entity does not wish to act on behalf of another entity, it MUST NOT
provide an authorization identity.  As specified in [SASL], the
initiating entity MUST NOT provide an authorization identity unless the
authorization identity is different from the default authorization
identity derived from the authentication identity as described in
[SASL].  If provided, the value of the authorization identity MUST be of
the form       <domain> (i.e., a domain identifier only) for servers and
of the form <node at domain> (i.e., node identifier and domain identifier)
for clients.


I want the client to provide an authorization identity (JID) which is
different from the default authorization ID.

Does anyone have an example like the Client Server Example that has the
data flow in the actual XML form?

Thanks!

Matt Mason
Matt.Mason at Agilysys.com


-----Original Message-----
From: Bruce Campbell [mailto:b+jabber at bruce-2010.zerlargal.org] 
Sent: Saturday, May 22, 2010 10:17 AM
To: Mason, Matt
Subject: RE: [jdev] When to pass the JID??


On Fri, 21 May 2010, Mason, Matt wrote:

> You were right and I greatly appreciate the reference.
>
> Thanks again!

Not a problem; everyone has at least one implementation hurdle ;).

Note that there are two ways to declaring the client's JID/resource; the
one described in the RFC, and the original method using jabber:iq:auth. 
If your implementation is intended for a closed environment, I wouldn't
worry about implementing the original method.

-- 
   Bruce.

   Jabber::Lite if you're looking for existing implementations.

>
> Matt Mason
> Agilysys
> Senior Software Engineer
> Matt.Mason at Agilysys.com
> (805) 692-6350
>
>
> -----Original Message-----
> From: Bruce Campbell [mailto:b+jabber at bruce-2010.zerlargal.org]
> Sent: Friday, May 21, 2010 1:51 PM
> To: Jabber/XMPP software development list
> Cc: Mason, Matt
> Subject: Re: [jdev] When to pass the JID??
>
> On Fri, 21 May 2010, Mason, Matt wrote:
>
>> Reading through the spec <http://www.ietf.org/rfc/rfc3920.txt>  on 
>> the
>
>> bottom of page 17, top of 18 shows a basic "session".  In my 
>> implementation I am trying to figure out when the heck to pass the 
>> JID
>
>> of the client.  Not in the stream.
>
> Section 3.5 of rfc3920, Determination of Addresses, is probably what 
> you want to be reading, along with section 7, Resource Binding.
>
> --
>   Bruce.
>

More information about the JDev mailing list