[jdev] Scope of current RFC3920 SASL implementation

Dirk Meyer dmeyer at tzi.de
Sun Jan 25 11:23:51 CST 2009

Richard Smith wrote:
> I've read through the SASL sections, and it doesn't actually say that 
> the authentication scheme cannot be used in-band to communicate with a 
> remote host?
> So, I know it's probably unsupported by most if not all the clients, but 
> is it possible to re-use SASL namespaces to authenticate a user against 
> a remote XMPP component using SASL?

Thinking of web services connected over XMPP, this sounds useful. Maybe
we can define some sort of SASL in IQ stanzas. But this will be an
insecure connection. Maybe you want to use E2E security in this use


This is Linux country. If you listen carefully, you can hear Windows

More information about the JDev mailing list