[jdev] Scope of current RFC3920 SASL implementation

Richard Smith richard at indigo3.net
Sun Jan 25 10:06:19 CST 2009


I'm just putting some specs together for a project I'll be working on, 
and I was wondering...

XMPP RFC3290 specifies SASL namespaces and implementation within the 
scope of authenticating init-to-responder streams. Can this namespace be 
used at a lower level?

I've read through the SASL sections, and it doesn't actually say that 
the authentication scheme cannot be used in-band to communicate with a 
remote host?

The situation is that I'm got to build a client and component to do some 
notification magic. The 'client' part however might be on jabber.org, or 
another xmpp server entirely.

So, I know it's probably unsupported by most if not all the clients, but 
is it possible to re-use SASL namespaces to authenticate a user against 
a remote XMPP component using SASL?


More information about the JDev mailing list