[Standards-JIG] Re: Call for Experience: JEP-0078(Non-SASLAuthentication)

Peter Saint-Andre stpeter at jabber.org
Tue Oct 12 21:00:30 UTC 2004


In article <11D121AB355B69448D3A9F2132D2A3AA42018D at niobe.BlueHands.de>,
 "Heiner Wolf" <wolf at bluehands.de> wrote:

> Hello
> 
> Some client have a "register automatically if the username does not
> exist" feature. 
> How is the client supposed to learn that a username does not exist? 
> 
> 3.1 User Authenticates with Server says:
> If there is no such username, the server SHOULD NOT return an error, but
> instead SHOULD return the normal authentication fields (this helps to
> prevent unknown users from discovering which usernames are in use). 
> 
> Ejabberd does this accorcing to JEP-0078, but jabberd 1.4.3 returns an
> error, if the user name does not exist. But jabberd returns an error. Am
> I right that jabberd is not JEP-0078 compliant? Is there any way to be
> JEP-0078 compliant AND to support "register automatically if the
> username does not exist"?

I think most clients just guess whether the error was returned because 
the username does not exist or because the credentials were incorrect. 
In any case, this is more of a JEP-0077 issue than a JEP-0078 issue, I 
think.

/psa




More information about the Standards mailing list