[Standards] Loopback Authentication
Dave Cridland
dave at cridland.net
Thu Feb 1 03:13:46 CST 2007
On Thu Feb 1 02:48:13 2007, Justin Karneges wrote:
> Unfortunately, there is no clean cross-platform solution for this
> kind of thing. Depending on how many platforms we'd want loopback
> authentication to work on, we could end up with 3 or 4 mechanisms.
> Do we want to make a handful of new SASL mechanisms? (putting
> loopback auth on the level of SASL)
No, I think you and Ralph are correct in saying you want to re-use
SASL EXTERNAL.
Note that a much more portable way of doing it (albeit one that need
a bit more client support) is to run the XMPP stream over a UNIX
domain socket, since there's a handful of API calls on most UNIX
platforms which allow you to extract the calling UID. I know it works
on BSD and Linux systems.
Windows is, as ever, a bit of a challenge, but I believe that named
pipes have a similar ability.
Dave.
--
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Standards
mailing list