ejabberd - Comments for "[ejabberd] Can't mix XMPP and non-SASL auth"

IPWorks connecting to eJabberd

Lance Robinson — Fri, 15 Jun 2007 15:18:03 +0000

I work for /n software (the IPWorks people) and another customer of ours also had a problem connecting to this server and pointed me to this thread, so I just wanted to chime in with the solution.

IPWorks supports SASL and plain text authentication. In the current version, by default it uses plaintext because that used to be the most common. We cannot change the default right now because it may break existing products that rely on us - however if you need to support SASL auth in IPWorks v6 you can do so by setting the authmechanism config prior to connecting, like this:

xmpp1.Config("AuthMechanism=SASL/PLAIN")

In IPWorks v8, the component will connect to eJabberd without any additional configuration (just instantiate the component, set the IM server and call the Connect method. Authentication method defaults to the strongest method allowed by the server. The following are supported: SASL/DIGEST-MD5, AuthIQ/Digest, SASL/PLAIN, AuthIQ/Plaintext.

Right, ejabberd supports jep-78

mfoss — Mon, 22 Aug 2005 14:46:42 +0000

In this link says that non-SASL(JEP-0078) is supported http://www.ejabberd.im/node/4#comment-729

Ah, right, ejabberd supports JEP-78. But the client is allowed to use it only if it does not advertise itself as XMPP/1.0 compliant, since XMPP/1.0 requires SASL support.

Indeed the socket is closed,

WEREW0LF — Sat, 20 Aug 2005 00:52:42 +0000

Indeed the socket is closed, but is eJabberd who close it, I cant realize why, the class I using triguers an event that raises only when the server closes the connection.
It's seems to be related with the \0 that I append to the end of each stream that is sent to the client.
Any idea?

Looks like you have closed

teo — Fri, 19 Aug 2005 04:51:59 +0000

Looks like you have closed socket before sending jabber:iq:auth query.

It's suposed it support

WEREW0LF — Fri, 19 Aug 2005 01:01:42 +0000

In this link says that non-SASL(JEP-0078) is supported

http://www.ejabberd.im/node/4#comment-729

But I cant use it, this is my trace:

SEND:
<?xml
version='1.0'?><stream:stream to="localhost"
xmlns="jabber:client"
xmlns:stream="http://etherx.jabber.org/streams" xml:lang="es_AR"
version="0.9" >

RECEIVE:
<?xml
version='1.0'?><stream:stream xmlns='jabber:client'
xmlns:stream='http://etherx.jabber.org/streams' id='897032616' from='localhost'
xml:lang='en'>

SEND:
<iq id="log_user_1"
type="get"><query
xmlns="jabber:iq:auth"><username>werem</username></query></iq>

RECEIVE:
<?xml
version='1.0'?><stream:stream xmlns='jabber:client'
xmlns:stream='http://etherx.jabber.org/streams' id='745824646' from='localhost'
xml:lang='en'><stream:error><invalid-namespace
xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error></stream:stream>

I don't know if
"invalid-namespace" refers to EJabberd don't support JEP-0078. Can
confirm this?

Is there any way of dissablin

jaguba — Mon, 07 Feb 2005 08:22:28 +0000

Is there any way of dissabling SASL authentication in an ejabber server. Any configuration file?

My client does not support SASL authentication and always sends 1.0 xml header. I am not the developer of this client, the only solution for me resides in make a change in server in order to connect succesfully.

Thanks!

SASL requires XMPP 1.0

teo — Thu, 03 Feb 2005 13:09:12 +0000

Actually the fact that SASL requires including version="1.0" attribute to stream header does not imply the opposite requirement.

One can only conclude that if version isn't specified then entity isn't SASL capable.

On the other side ejabberd doesn't announce nonsasl auth when gives list of stream features for XMPP compliant clients, so it souldn't provide this auth.

XMPP 1.0 requires SASL

mfoss — Thu, 03 Feb 2005 12:44:26 +0000

Reading RFC 3920: XMPP Core, 6. Use of SASL, 6.1 Overview, 2.:

If the initiating entity is capable of SASL negotiation, it MUST include the 'version' attribute set to a value of at least "1.0" in the initial stream header.

So when you ask

Is there anyway of connecting to ejabber server without using SASL authentication?

The answer is yes. If the client does not support SASL, he must not advertise itself as XMPP 1.0 compliant, since XMPP 1.0 requires SASL. Ask your client developer to fix that bug.

There's a JEP about non-SASL authentication, but ejabberd does not implement it

ejabberd - Comments for "[ejabberd] Can&#039;t mix XMPP and non-SASL auth"