[jdev] How to specify username with SASL ANONYMOUS

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Oct 17 16:40:26 CDT 2007

On Wednesday 17 October 2007 2:11 pm, Mark Doliner wrote:
> So I've read through XEP-0175[1], and I think I have a pretty good idea of
> how SASL ANONYMOUS login is supposed to work (I love the protocol
> flow--thank you).
> But it's not clear to me how the client is supposed to specify a username. 
> This is supposed to be possible, right?  Or is the node always assigned by
> the server no matter what?  Should I just send the base64 encoded username
> as text within the 'auth' element?

XEP-175 doesn't seem to mention the fact that SASL ANONYMOUS can send data.  
The rfc3920bis-04 document even indicates that transmitting an initial 
response with ANONYMOUS is is invalid (section 7.5.5).  This is wrong, 
ANONYMOUS can send data, and it can be an initial response or not.  See RFC 

The client response for ANONYMOUS is "trace" data.  This is just supposed to 
be some generic id string, possibly an email address (like how anonymous FTP 
would often ask you to put your email address as the password, that's what 
this essentially replaces).  It might be interesting to specify in XEP-175 
that the trace data may be used as a node suggestion.


More information about the JDev mailing list