[Council] Small changes to JEP-0078 (Non-SASL auth)
Peter Saint-Andre
stpeter at jabber.org
Tue Feb 3 10:31:56 CST 2004
On Tue, Feb 03, 2004 at 03:06:32PM +1100, Robert Norris wrote:
> I refer you to this thread in the Psi forums:
>
> http://psi.affinix.com/forums/index.php?act=ST&f=2&t=1357
>
> I'd like to get 78 changed so that the schema requires <username>,
> <password> and <resource>. It really can't be any other way without
> breaking existing implementations, and it'd be good to get rid of the
> confusion.
If the schema requires username, password, and resource, then when I do
an IQ get to request the required fields, I must send this:
<iq type='get'>
<query xmlns='jabber:iq:auth'>
<username/>
<password/>
<resouce/>
</query>
</iq>
And that makes no sense.
However, I can modify the JEP so that those three elements are required
in an IQ set.
That thread reveals a fundamental confusion for why the resource is
required for client authentication, and also reveals that people are
trying to use iq:auth to do the kinds of things that are possible in
XMPP resource binding (e.g., server assigns the resource). So I can
clear that up as well.
Peter
--
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.php
More information about the Council
mailing list