[jdev] Sasl Md5 Digest Authentication Problem
Waqas Hussain
waqas20 at gmail.com
Fri Mar 18 01:54:13 CST 2011
On Fri, Mar 18, 2011 at 4:12 AM, A.Wagner <mail at aw030.de> wrote:
> Hi,
>
> i try to authenticate with md5 digest.
>
> i am getting the challenge and build the response:
> <response
> xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>longbase64encodedstring</response>
>
> but then the server always responds with (even when response stanza is
> empty):
> <failure
> xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><invalid-authzid/></failure>
>
> Which format the authid (authid:realm:passwd) and authzid
> (Y:nonce:cnonce(:authzid)) must have?
> testuser, testuser at test.org, testuser at test.org/unknownclient ?
"If the initiating entity does not wish to act on behalf of another
entity, it SHOULD NOT provide an authorization identity." -
http://xmpp.org/internet-drafts/draft-ietf-xmpp-3920bis-13.html#sasl-rules-authzid
I'm assuming you are not trying to impersonate another user, so
authzid for you is the empty string "". This would work correctly with
all servers I believe, while providing an authzid when you don't need
to is going to break with some servers.
>
> Why this failure is returned even when the response stanza is empty?:
> <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'></response>
>
> Greetz from Berlin
> Thx.
>
More information about the JDev
mailing list