mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niklas Gustavsson <nik...@protocol7.com>
Subject Re: [vysper] User authentication using different domains
Date Tue, 04 Oct 2011 20:07:56 GMT
On Thu, Sep 1, 2011 at 11:32 AM, Michael Lok <fulat2k@gmail.com> wrote:
> Oops, my bad.  Accidentally clicked send.
>
> Anyway, I've got 0.8-SNAPSHOT downloaded and compiled.  I'm
> implementing UserAuthentication instead of UserAuthorization in 0.7.
> Here's the output from the logs when I specify user1@yahoo.com as the
> username:
>
> ---------------------------------------
> 17:26:53,461 | DEBUG |
> org.apache.vysper.xml.decoder.XMPPContentHandler | Decoder writing
> stanza: <stream:stream xmlns:stream="http://etherx.jabber.org/streams"
> to="yahoo.com" xml:lang="en" version="1.0"></stream:stream>
> 17:26:53,467 | INFO  | com.test.vysper.auth.JDBCUserAuthorization |
> verifyCredntials
> 17:26:53,467 | INFO  | com.test.vysper.auth.JDBCUserAuthorization |
> org.apache.vysper.xmpp.addressing.EntityImpl@8a030d6[node=user1,domain=localhost,resource=<null>,fullyQualifiedCached=<null>,bareEntityCached=<null>]
> ---------------------------------------
>
> I can see in the first line that it's sending to "yahoo.com".  But in
> the Entity object, I still get the front portion of the username
> before the @ character.
>
> Is this the expected behavior?

First of all, sorry for the very late response. Life been busy :-)

Anyways, I had a look at this today and it seems that when a client
connect, it includes the domain in the <stream:stream> element, e.g:
<stream:stream xmlns:stream="http://etherx.jabber.org/streams"
to="foo.com" version="1.0">

And during the SASL step, it only sends the username:
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN"
ga:client-uses-full-bind-result="true">AGZvbwBzZmRzZg==</auth>

The base64 gets decoded into <NULL>foo<NULL>sfdsf. foo is the
username, sfdsf the password. This is true for both Adium and Psi.
When Vysper detects that the username does not contain a domain, it
appends the server domain, rather than the domain used by the client
in the <stream:stream> stanza.

I've tried and failed to interpret the spec on what the correct
behavior is. Bernd/Peter, as the world champs on reading the XMPP
specs, what's your thoughts on this?

/niklas

Mime
View raw message