[Standards] [Fwd: Re: jingle client authentication error in jabber server]
stpeter at jabber.org
Wed Jan 31 15:45:51 UTC 2007
Matthias Wimmer wrote:
> Peter Saint-Andre schrieb:
>> If we need more error conditions, we can define them in the next
>> version of the spec.
> I've had a look at man sasl_errors (from cyrus SASL) to check if all
> Cyrus errors map well on the above errors.
> The following errors have been interesting:
> - SASL_TRANS: One time use of plaintext password will enable requested
> mechanism for user.
> I think it would be interesting to have such a XMPP-SASL error condition
> as well. It's required if you have hashed passwords (e.g. salted SHA-1)
> on the server and need to get the plain password to verify them, and
> build a hash suitable to authenticate with DIGEST-MD5 the next time
> (DIGEST-MD5 as an example).
Ah, I hadn't thought of that use case. :-)
> - SASL_EXPIRED: Passphrase expired, must be reset.
> - SASL_DISABLED: Account disabled
> - SASL_NOVERIFY: User exists, but no verifier for user
How much of that do we want to expose to the end user (or, perhaps, some
bot maquerading as the user)?
As to the specific error that triggered this thread, it seems that
<incorrect-encoding/> would be the right condition to return.
XMPP Standards Foundation
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards