Does openfire supports subsequent authentication?

dror · October 4, 2007, 12:41am

Hi

Im using a web javascript client and authenticating my users using sasl DIGEST-MD5. When a user is connected for a few hours I have unexplained disconnections. It doesnt happen often but it happens. Does openfire supports subsequent authentication?

How can I reconnect them?

On my system I want users to be able to close the messenger but then open and connect again without supplying a password, if the disconnection time is lees then half an hour, for example.

How can I do it?

Thanks

Gaston_Dombiak · October 8, 2007, 10:53pm

Hey Dror,

There is no official extension in XMPP for reconnections as you described. In the last interop event we talked about adding an official extension that will solve what you are trying to achieve in a similar way. For now, clients will need to keep the credentials used for authentication and use them again when auto-reconnecting when a connection is lost. That is how Spark works.

Regards,

– Gato

dror · October 9, 2007, 1:41am

Hi Gato,

When you talk about credentials do you mean the username and password?

In the rfc of digest sasl authentication in section2.2 there is a definition of subsequent authentication.Why does XMPP need another extension if it already supports sasl md5-digest which support this feature?. The advantage is that the client doesnt need to save the The server sends a key and the client can use this key to login again. In the case of a javascript client I think its essential. We have a website and we want to implement a javascript client and consider sparkweb. We are trying to figure out what to do if a user will close the popup sparkweb window but stays on the website and then want to open sparkweb again. Asking him to provide a username and password will be strange for him because he is logged in to the website. Saving his password will be unsafe.

OpenFire replies to the digest-response with rspauth="…". If it is not used for subsequent authentication what is it for?

Best,

Dror

Gaston_Dombiak · October 9, 2007, 1:51am

Hey Dror,

I see what you mean. Unfortunately Java does not support “SUBSEQUENT AUTHENTICATION”. We have the related issue JM-1109 that I think it was fixed for 3.4.0.

Regards,

– Gato

dror · October 9, 2007, 2:12am

If it is fixed for 3.4.0 it`ll be great. The question is how can I control for how long the key is valid. There must be some jive property but I always find it hard to find the right property for the job in openfire because not all of them are documented

Thanks