[ejabberd] Re: Can't mix XMPP and non-SASL auth

Peter Saint-Andre stpeter at jabber.org
Tue Nov 9 19:35:01 MSK 2004


In article <4190A2CB.4010401 at newbase.de>,
 Christoph Schmidt <csc at newbase.de> wrote:

> Magnus Henoch wrote:
> 
> > But when the client sends version='1.0' and then tries to use non-SASL
> > authentication, ejabberd never answers.  The reason the client tries
> > to do this is that it understands stream features, but doesn't have an
> > SASL library loaded.
> > 
> > Can/should this be fixed?  If so, ejabberd might also advertise the
> > stream feature "http://jabber.org/features/iq-auth", as described in
> > JEP-0078.
> > 
> 
> This is strictly XMPP-compliant. A client claiming it supports XMPP 1.0 
> should not try to use an unadvertised feature.

And a client that doesn't do SASL should not say that it supports XMPP 
1.0, either.

> Anyway, as ejabberd understands jabber:iq:auth, it could advertise and 
> handle it...

Yes, that seems like a good idea.

/psa



More information about the ejabberd mailing list