mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bernd Fondermann <bernd.fonderm...@googlemail.com>
Subject Re: [vysper] User authentication using different domains
Date Wed, 05 Oct 2011 12:01:27 GMT
On Tue, Oct 4, 2011 at 22:07, Niklas Gustavsson <niklas@protocol7.com> wrote:
> On Thu, Sep 1, 2011 at 11:32 AM, Michael Lok <fulat2k@gmail.com> wrote:
>> Oops, my bad.  Accidentally clicked send.
>>
>> Anyway, I've got 0.8-SNAPSHOT downloaded and compiled.  I'm
>> implementing UserAuthentication instead of UserAuthorization in 0.7.
>> Here's the output from the logs when I specify user1@yahoo.com as the
>> username:
>>
>> ---------------------------------------
>> 17:26:53,461 | DEBUG |
>> org.apache.vysper.xml.decoder.XMPPContentHandler | Decoder writing
>> stanza: <stream:stream xmlns:stream="http://etherx.jabber.org/streams"
>> to="yahoo.com" xml:lang="en" version="1.0"></stream:stream>
>> 17:26:53,467 | INFO  | com.test.vysper.auth.JDBCUserAuthorization |
>> verifyCredntials
>> 17:26:53,467 | INFO  | com.test.vysper.auth.JDBCUserAuthorization |
>> org.apache.vysper.xmpp.addressing.EntityImpl@8a030d6[node=user1,domain=localhost,resource=<null>,fullyQualifiedCached=<null>,bareEntityCached=<null>]
>> ---------------------------------------
>>
>> I can see in the first line that it's sending to "yahoo.com".  But in
>> the Entity object, I still get the front portion of the username
>> before the @ character.
>>
>> Is this the expected behavior?
>
> First of all, sorry for the very late response. Life been busy :-)
>
> Anyways, I had a look at this today and it seems that when a client
> connect, it includes the domain in the <stream:stream> element, e.g:
> <stream:stream xmlns:stream="http://etherx.jabber.org/streams"
> to="foo.com" version="1.0">
>
> And during the SASL step, it only sends the username:
> <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN"
> ga:client-uses-full-bind-result="true">AGZvbwBzZmRzZg==</auth>
>
> The base64 gets decoded into <NULL>foo<NULL>sfdsf. foo is the
> username, sfdsf the password. This is true for both Adium and Psi.
> When Vysper detects that the username does not contain a domain, it
> appends the server domain, rather than the domain used by the client
> in the <stream:stream> stanza.
>
> I've tried and failed to interpret the spec on what the correct
> behavior is. Bernd/Peter, as the world champs on reading the XMPP
> specs, what's your thoughts on this?

Sorry, no idea.

   Bernd

Mime
View raw message