[Standards] Re: SASL Plain - AuthID - Bare JID or User Name?

Mridul mridul at sun.com
Thu Feb 8 22:53:57 UTC 2007


Matthias Wimmer wrote:
> Hi Mirdul!
>
> Mridul schrieb:
>> Simple example where this would fail.
>> If you are authenticating using the mail id - the '@' is part of the 
>> user id now.
>
> That's why the XMPP protocol does not mandate how the authentication 
> id/username looks like. It is the server's implementation (or the 
> implementation of the SASL library it uses) that decides how 
> authentication ids are interpreted.
>
> The SASL/server implementation might treat m at tthias.eu as user "m" in 
> realm "tthias.eu" as well as user "m at tthias.eu" in the default realm.
>
>
> Matthias
>

I guess I was not clear in what I was trying to get at.
mridul at sun.com would be my mail id which is set as the uid for the server.
Assume that the server hosts both sun.com & test.com domains and I want 
to authenticate to test.com
What would I pass on to the server ?
Currently, the way we support it is we use the 'to' in the stream to 
identify which domain the user wants to auth to.
We use the user id specified to find which domain user wants to log into.

In this case, what do I pass on to the server ?
mridul at sun.com@test.com ? (not likely - and it is an impl detail that 
the client is not aware of).
mridul at sun.com with to = test.com ? (looks more in line with xmpp).

Regards,
Mridul



More information about the Standards mailing list