jsjac sends request to the httpbinding of openfire but return error about sasl.
What kinds of sasl are there, when do I use each one and how do I configure it?
Should I use it at all or can I just disable the sasl?
SASL is the preferred authentication method of Jabber. There are several different “mechanisms” that sasl can use, and the server advertises to the client which it supports. Most servers will support PLAIN (authenticate using a plain-text username/password) and various MD5’'s (CRAM-MD5 or DIGEST-MD5). Some support more fancy methods like GSSAPI.
If your client dosnt support SASL, you should be able to authenticate via the old iq:auth method without changing anything on the server.
Hope this info helps you.
Thank you for your answer.
You said that the server advertises to the client which sasl mechanism it supports.
By the server do you mean openfire in this case or apache? and is the client the jabber client, spark for example?
If openfire is the server, what mechanisms it supports by default and how do I switch between them?
You said that I should be able to authenticate via the iq:auth method. Can I do it through httpbinding?
Im talking about the Openfire server. Im not sure how all the auth stuff passes through for httpbinding- maybe someone else can chime in on that topic.
In Openfire you can configure which mechanisms are advertised in openfire.xml by doing adding a sasl stanza: