Smack

History

Florian Schmaus a7ec0338bc Don't set SASL authid parameter to username (SMACK-371) RFC4616 states that if the authorization identity (authzid) parameter is null, then it is derived from the authentication identity (authcid). Smack currently sets both, authzid and authcid, to the username, resulting in auth attempts of userid\0userid\0password instead of userid\0password Which are different users on most systems (e.g. Kerberos). We now set only SASLMechanism.authenticationId to username. The authenticate(String, CallbackHandler) method does now not longer receive the username, as it's send by the CallbackHandler.	2014-03-09 14:59:45 +01:00
..
src	Don't set SASL authid parameter to username (SMACK-371)	2014-03-09 14:59:45 +01:00
build.gradle	Move gradle subproject configuration into the subproject	2014-03-09 14:59:45 +01:00

Florian Schmaus a7ec0338bc Don't set SASL authid parameter to username (SMACK-371)

RFC4616 states that if the authorization identity (authzid) parameter is
null, then it is derived from the authentication
identity (authcid). Smack currently sets both, authzid and authcid, to
the username, resulting in auth attempts of

userid\0userid\0password

instead of

userid\0password

Which are different users on most systems (e.g. Kerberos).

We now set only SASLMechanism.authenticationId to username. The
authenticate(String, CallbackHandler) method does now not longer receive
the username, as it's send by the CallbackHandler.

2014-03-09 14:59:45 +01:00

src

Don't set SASL authid parameter to username (SMACK-371)

2014-03-09 14:59:45 +01:00

build.gradle

Move gradle subproject configuration into the subproject

2014-03-09 14:59:45 +01:00