Hey Norman, Wildfire implementation is based on http://www.ietf.org/internet-drafts/draft-ietf-sasl-plain-08.txt. My understanding after reading " The mechanism consists of a single message, a string of [UTF-8] encoded [Unicode] characters, from the client to the server. The client presents the authorization identity (identity to act as), followed by a NULL (U+0000) character, followed by the authentication identity (identity whose password will be used), followed by a NULL (U+0000) character, followed by the clear-text password."
is that the client MUST include the user and password in the <auth> PLAIN stanza. I don't see any option for sending an empty <auth> PLAIN stanza and expecting the server to send a challenge so that the client can send the user and password information. Have I missed something here? :) Regards, -- Gato "Norman Rasmussen" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] BTW: the server should accept a blank auth stanza, and it should respond with a blank challenge. This is a bug in the wildfire server. On 3/22/06, Norman Rasmussen <[EMAIL PROTECTED]> wrote: > On 3/22/06, Adrian Adrian <[EMAIL PROTECTED]> wrote: > > Good point. > > One more question: In which format should I send the base64 > > information ? > > http://www.ietf.org/internet-drafts/draft-ietf-sasl-plain-08.txt > > As Bilyk points out the format is : optional authzid <null> authcid > <null> passwd > > -- > - Norman Rasmussen > - Email: [EMAIL PROTECTED] > - Home page: http://norman.rasmussen.co.za/ > -- - Norman Rasmussen - Email: [EMAIL PROTECTED] - Home page: http://norman.rasmussen.co.za/
