On Nov 9, 2009, at 5:24 AM, Sebastiaan Deckers wrote:
Both RFC2831 (Digest SASL) and RFC3920 (XMPP Core) do not specify
what the realm should be treated as by the client if it is missing
from the challenge.
RFC 2831 says about the server's advertise of realms:
This directive is
optional; if not present, the client SHOULD solicit it from the
user or be able to compute a default; a plausible default might
be
the realm supplied by the user when they logged in to the client
system. Multiple realm directives are allowed, in which case the
user or client must choose one as the realm for which to supply
to
username and password.
and says this about the client's response:
The realm containing the user's account. This directive is
required if the server provided any realms in the
"digest-challenge", in which case it may appear exactly once and
its value SHOULD be one of those realms. If the directive is
missing, "realm-value" will set to the empty string when
computing
A1 (see below for details).
If the server provides one realm, use that.
If the server provides none: the client should ask the user for it and
if the user provides one, use that. Otherwise none. (If you want to
suggest one for the client to use, suggest the domain of the user's
JID.)
If the server provides multiple: the client should choose which to use.
_______________________________________________
JDev mailing list
Forum: http://www.jabberforum.org/forumdisplay.php?f=20
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: [email protected]
_______________________________________________
