-
Notifications
You must be signed in to change notification settings - Fork 366
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permit connecting with an alternative authcid #113
Permit connecting with an alternative authcid #113
Conversation
This permits imitation of other users (for example, if [email protected] is allowed to create a session as [email protected], he will provide the JID [email protected] in <stream:stream to="..." and <bind/>, but use his own credentials in the the <auth/> packet per SASL's separation of authzid and authcid.
This appears to work well for me on ejabberd. Any chance it could be merged? |
Permit connecting with an alternative authcid
Allow passing authcid param introduced by strophe/strophejs#113
Hi @benlangfeld, I'm curious, what's the usecase for this? Is it for users who have multiple XMPP accounts? |
Either for proxy authentication in general (maybe a set of credentials give access to multiple accounts, maybe certain users can masquerade as other users for testing purposes) or, in my case, to support MojoAuth. |
Is there a particular schedule for a 1.2.3 release, @jcbrand, or would it be appropriate to request that here? |
So far there aren't many new changes since the last release (1.2.1). I'm however happy to make a new release for you if you need it. |
Only so that Candy can depend on a final release. No big deal :) |
Put a freeze on that request, @jcbrand. I'm having trouble updating Candy to 1.2.1 anyway. |
This permits imitation of other users (for example, if [email protected] is allowed to create a session as [email protected], he will provide the JID [email protected] in <stream:stream to="..." and , but use his own credentials in the the packet per SASL's separation of authzid and authcid.