[jdev] Question about XMPP authentication
trejkaz at trypticon.org
Sun Jun 4 17:24:58 CDT 2006
On Monday 05 June 2006 03:56, Michal vorner Vaner wrote:
> On Mon, Jun 05, 2006 at 12:27:18AM +0700, Nguyen TV wrote:
> > - In case the JID belongs to jabber.org, my server now will act
> > like a forward server. It receives messages from myClient then sends to
> > jabber.org on behalf of that user.
> >             message                  message
> > myClient    ---->    myserver.org    --->    jabber.org
> >             <----                    <---
> >             message                  message
> > Is that possible??
> Yes, of course. If the server acts like a client to it, it can just take
> the <message> stanza and send it to the server. You have no work here,
> since the client is client to you and you are client to the server. So
> you have everything prepared.
There is one problem with this approach -- it requires the user to give their
password to your server. A better approach might be having your server send
a one-use token to that user via XMPP, and having them enter that. Then you
can prove they own the JID without them having to sacrifice their password.

Of course, it's possible to simulate this behaviour without the user knowing
-- a Java applet in the web page could log in and send a message to the user's
server without the password needing to be sent through your own site.
Although whether users trust that this won't send the password to you, that's
another story entirely.
On Monday 05 June 2006 03:58, Chris Chen wrote:
> Why not just run an XMPP federated server and have it configured to
> connect and use Server-to-server communication?
> You can then have your web conference software create accounts and
> login to your own server. Then have your server become part of a
> federation with other servers.
I think the point is to avoid people needing to sign up on Yet Another Site
just to use One More Application. Global single sign-on is a good idea, for
cutting down the mindless duplicate registrations that people have left all
over the Internet (and IIRC, someone is working on integrating such a thing
with a browser right now.)
Email: trejkaz at trypticon.org
Jabber ID: trejkaz at trypticon.org
Web site: http://trypticon.org/
GPG Fingerprint: 9EEB 97D7 8F7B 7977 F39F A62C B8C7 BC8B 037E EA73
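
The one-use token check suggested in the message above, sketched as an added example (not code from this thread or from any XMPP server project). `send_message` is a hypothetical callback standing in for whatever XMPP library delivers the message; the lifetime, attempt limit and JID normalisation are assumptions.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 600      # seconds a token stays valid (assumed policy)
MAX_ATTEMPTS = 5     # confirm attempts allowed before the token is voided (assumed)


def bare_jid(jid):
    """Drop the resource and lowercase (simplified; real servers apply stringprep)."""
    return jid.split("/", 1)[0].strip().lower()


class JidOwnershipVerifier:
    def __init__(self, send_message, now=time.time):
        self._send = send_message   # callable(jid, body): hypothetical XMPP sender
        self._now = now
        self._pending = {}          # bare JID -> [token digest, expiry, attempts]

    def start(self, jid):
        """Issue a fresh token and deliver it to the claimed JID over XMPP."""
        jid = bare_jid(jid)
        token = secrets.token_hex(4)   # short enough to type; guarded by MAX_ATTEMPTS
        digest = hashlib.sha256(token.encode()).digest()
        self._pending[jid] = [digest, self._now() + TOKEN_TTL, 0]
        self._send(jid, "Your verification code: " + token)

    def confirm(self, jid, token):
        """Return True once, and only for the token last sent to this JID."""
        jid = bare_jid(jid)
        entry = self._pending.get(jid)
        if entry is None:
            return False
        digest, expiry, attempts = entry
        if self._now() > expiry or attempts >= MAX_ATTEMPTS:
            del self._pending[jid]     # expired or guessed too often: void it
            return False
        entry[2] += 1
        supplied = hashlib.sha256(token.strip().encode()).digest()
        if hmac.compare_digest(supplied, digest):
            del self._pending[jid]     # one use only
            return True
        return False
```

The web application never sees the user's XMPP password: it only learns that whoever typed the code could read a message delivered to that JID.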