[Standards] SASL Plain - AuthID - Bare JID or User Name?

Peter Saint-Andre stpeter at jabber.org
Tue Feb 6 19:32:03 UTC 2007


Chris Mullins wrote:
> We just ran into a problem doing Authentication with WildFire using the 
> Open Source SoapBox Framework and SASL Plain.
> 
>  
> 
> The SoapBox Framework is using a bare JID (“user at server”) as the authid 
> that’s passed across the link. The Jive server is expecting only a user 
> name (“user”).
> 
>  
> 
> The RFC doesn’t really say either way, and I figure this is a good 
> chance to get it clarified.

RFC 3920, Section 6.1, point 7 says in part:

"If provided, the value of the authorization identity MUST be of the 
form <domain> (i.e., a domain identifier only) for servers and of the 
form <node at domain> (i.e., node identifier and domain identifier) for 
clients."

/psa



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070206/8d360cc8/attachment.bin>


More information about the Standards mailing list