Version used: 4.3.4
I’m trying to understand when I should be setting the
authzid value in my XMPP connection configuration. The
ConnectionConfiguration.setAuthzid documentation says:
In general, callers should allow the server to select the authorization identifier automatically, and not call this.
However, when this value is not set, the encrypted authentication string sent along with the authentication packet is different than if is included as part of the configuration. I noticed this while testing integration into various XMPP servers which are not under my control. For some, it doesn’t seem to matter whether the
authzid is explicitly set, the server authenticates the user fine even though the sent
<auth/> packet has a different encrypted authentication string. For others, if I do not explicitly set the
authzid, I get this error:
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using PLAIN: not-authorized
What I am wondering is when/why should consumers of the Smack library be setting this value? I understand that for authentication mechanisms that do not support
authzid we wouldn’t want that value to be set, however, if the library returns true for
SASLMechanism.authzidSupported authentication is being used and no
authzid value has been provided, could one be created and set internally (I believe an
EntityBareJid is needed for this)?
I understand if there are technical reasons this cannot be done, I am just trying to understand what those are or what I am missing/not understanding. I am neither an expert with Smack nor with XMPP, so it is very likely I am missing something.
Thanks in advance for any help/insight, it is much appreciated.