Uploaded image for project: 'Openfire'
  1. Openfire
  2. OF-1803

SASL EXTERNAL (client): allow realm that matches XMPP domain to be suppressed

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.4.0
    • Component/s: TLS
    • Labels:
      None

      Description

      When a client authenticates with SASL EXTERNAL, a username can be provided provided by the client. This is then used to authenticate with. If the username is not provided, Openfire will try to obtain it from the certificate that's used (although this mechanism is pluggable, and other mappings can be configured.

      When the username is provided, it's assumed to be a username of Openfire. It has been observed that a client uses a bare JID, instead of a username. This arguable is a client error, but Openfire should allow for this, provided that the domain part of the JID equals the XMPP domain of the server.

        Attachments

          Activity

            People

            Assignee:
            guus Guus der Kinderen
            Reporter:
            guus Guus der Kinderen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: