Hello,
I am having trouble figuring out how to generate auth stanza for SASL EXTERNAL mechanism. Things have changed in this area from 3.1.0 so I am not finding anything like what I need to do so far. Below is my debug output. In summary,
- Stream init'ed between client and server
- Server is configured to require TLS and prefer EXTERNAL SASL mechanism via features advertising
- I found that SecurityMode.ifpossible generates the starttls negotiation
- The TLS handshake "apparently" happens just fine (I have a little more work to do with my keystore)
- Stream init'ed between client and server (again, as it should)
- Features offered again that include SASL EXTERNAL and compression
This is where I am stuck. I have registered the SASL External mechanism (I think).
02:20:45 PM SENT (0): <stream:stream xmlns='jabber:client' to='MYSERVER.EXAMPLE.COM' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>
02:20:45 PM RECV (0): <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="MYSERVER.EXAMPLE.COM" id="3959de67" xml:lang="en" version="1.0"><stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>EXTERNAL</mechanism></mecha nisms></stream:features>
02:20:45 PM SENT (0): <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>
02:20:45 PM RECV (0): <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
02:20:46 PM SENT (0): <stream:stream xmlns='jabber:client' to='MYSERVER.EXAMPLE.COM' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>
02:20:46 PM RECV (0): <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="MYSERVER.EXAMPLE.COM" id="3959de67" xml:lang="en" version="1.0"><stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>EXTERNAL</mechanism></mecha nisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><auth xmlns="http://jabber.org/features/iq-auth"/><register xmlns="http://jabber.org/features/iq-register"/></stream:features>
*************** Here is the where I need to send <auth.../> stanza **************
02:20:46 PM SENT (0): <presence id='B8s1X-3' type='unavailable'><c xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.igniterealtime.org/projects/smack' ver='NfJ3flI83zSdUDzCEICtbypursw='/></presence>
02:20:46 PM SENT (0): </stream:stream>
My code snippet:
-----------------------
XMPPTCPConnectionConfiguration.Builder connConfig = XMPPTCPConnectionConfiguration.builder()
.setCompressionEnabled(false)
.setHost(serverName)
.setServiceName(domainBareJid)
.setPort(serverPort)
.setSendPresence(true)
.setDebuggerEnabled(true)
.allowEmptyOrNullUsernames()
.setSecurityMode(XMPPTCPConnectionConfiguration.SecurityMode.ifpossible);
XMPPTCPConnectionConfiguration conf = connConfig.build();
try {
conn = new XMPPTCPConnection(conf);
SASLMechanism sm = new SASLExternalMechanism();
conn.connect();
SASLAuthentication.registerSASLMechanism(sm.instanceForAuthentication(conn)); (BTW, 4.1 API doc refers to v 3.1 supportSASLMechanism method)
} catch(SmackException | IOException | XMPPException six) {
System.out.println(six.toString());
six.printStackTrace();
}
}
---------------------------
Thanks for any advice and guidance,
TT