[jdev] sasl plain again

Norman Rasmussen norman at rasmussen.co.za
Mon Apr 17 09:24:02 CDT 2006

On 4/17/06, Adrian Adrian <flashbk2003 at yahoo.com> wrote:
>  I used a packet sniffer as you suggested and sadly I was able to see all
> packets, including the ones that came after the server said "proceed".
>  I then used a commercial  im client  and tried to sniff, and  this one
> worked as expected.  Everything after "proceed" was encrypted.
>  I don't get it. I wonder if this could be a platform issue (my application
> is based on flash player 8 so that's  actionscript virtual machine)  or if I
> misunderstood the tls plain authentication in the first place.

Directly after the client receives <proceed/> it should start TLS
negotiations, now I'm not sure how to do this in actionscript, but it
generally requires creation a TLS stream and hooking it up to your
existing stream, then you use the new TLS stream for all your comms.

- Norman Rasmussen
 - Email: norman at rasmussen.co.za
 - Home page: http://norman.rasmussen.co.za/

More information about the JDev mailing list