[jdev] SASL Alternate JID example.

Jonathan Dickinson jonathan at dickinsons.co.za
Sun May 30 07:22:18 CDT 2010 

--------------------------------------------------
From: "Mason, Matt" <Matt.Mason at agilysys.com>
Sent: Friday, May 28, 2010 12:02 AM
To: <jdev at jabber.org>
Subject: [jdev] SASL Alternate JID example.

> [Snip]
>
> I want the client to provide an authorization identity (JID) which is
> different from the default authorization ID.
>
> Does anyone have an example like the Client Server Example that has the
> data flow in the actual XML form?

The XML-flow is no different from normal authentication. Most SASL 
mechanisms support impersonation. Have a look at RFC2831 2.1.2 
<http://www.ietf.org/rfc/rfc2831.txt>. You will see the authzid value, this 
is what the client would use to impersonate.

If the SASL mechanism you are using does not support impersonation you will 
need to come up with something else.

HTH.

>
> Thanks!
>
> Matt Mason
> Matt.Mason at Agilysys.com
>
>
> -----Original Message-----
> From: Bruce Campbell [mailto:b+jabber at bruce-2010.zerlargal.org]
> Sent: Saturday, May 22, 2010 10:17 AM
> To: Mason, Matt
> Subject: RE: [jdev] When to pass the JID??
>
>
> On Fri, 21 May 2010, Mason, Matt wrote:
>
>> You were right and I greatly appreciate the reference.
>>
>> Thanks again!
>
> Not a problem; everyone has at least one implementation hurdle ;).
>
> Note that there are two ways to declaring the client's JID/resource; the
> one described in the RFC, and the original method using jabber:iq:auth.
> If your implementation is intended for a closed environment, I wouldn't
> worry about implementing the original method.
>
> -- 
>   Bruce.
>
>   Jabber::Lite if you're looking for existing implementations.
>
>>
>> Matt Mason
>> Agilysys
>> Senior Software Engineer
>> Matt.Mason at Agilysys.com
>> (805) 692-6350
>>
>>
>> -----Original Message-----
>> From: Bruce Campbell [mailto:b+jabber at bruce-2010.zerlargal.org]
>> Sent: Friday, May 21, 2010 1:51 PM
>> To: Jabber/XMPP software development list
>> Cc: Mason, Matt
>> Subject: Re: [jdev] When to pass the JID??
>>
>> On Fri, 21 May 2010, Mason, Matt wrote:
>>
>>> Reading through the spec <http://www.ietf.org/rfc/rfc3920.txt>  on
>>> the
>>
>>> bottom of page 17, top of 18 shows a basic "session".  In my
>>> implementation I am trying to figure out when the heck to pass the
>>> JID
>>
>>> of the client.  Not in the stream.
>>
>> Section 3.5 of rfc3920, Determination of Addresses, is probably what
>> you want to be reading, along with section 7, Resource Binding.
>>
>> --
>>   Bruce.
>>
>
> _______________________________________________
> JDev mailing list
> Forum: http://www.jabberforum.org/forumdisplay.php?f=20
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>

More information about the JDev mailing list