Mapping User/Password to SASL Exchanges
Henry B. Hotz
hotz at jpl.nasa.gov
Tue Jun 22 19:20:13 EDT 2010
On Jun 22, 2010, at 2:53 PM, Henry B. Hotz wrote:
> Suppose I have a defined Java API which specifies arguments Username and Password for opening a new session. The implementation and protocol is officially unspecified, so we can do whatever we want with those arguments.
>
> How can/should I map between those arguments and SASL if I want to implement the real connection using SASL? Is there any "prior art" like this?
>
> I'm thinking that the username should map to either the authentication ID, and the "password"
Should say: "username should map to the authorization ID".
> could be either some kind of description like MECH:[credential location] or an actual binary blob, or maybe empty (in favor of some system properties). If someone else has defined a translation like this in a generic way, I'd like to go with that.
>
> If it matters, the actual example is a JMS implementation.
------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
More information about the Cyrus-sasl
mailing list