CHAPTER 1 Getting to Know XMPP
Authentication
XMPP allows for Transport Layer Security (TLS) encryption, and most clients use this by default.
Once TLS support is advertised by the server, the client starts the TLS connection and upgrades the
current socket to an encrypted one without disconnecting. Once TLS encryption is established, a
new pair of XMPP streams is created.
Authentication in XMPP uses the Simple Authentication and Security Layer (SASL) protocol, and
depending on the server involved, can support a number of authentication mechanisms. Normally
servers provide plain text authentication and MD5 digest-based authentication, but some servers
support authenticating via Kerberos or special tokens.
These same encryption and authentication technologies are also used in many other protocols —
e-mail and LDAP are two examples — and common libraries exist for supporting TLS and SASL that
can be used equally well for XMPP.
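The negotiation order described above, as an added example (not code from the book): a client-side check that reads the server's <stream:features>, insists on STARTTLS before any SASL exchange, and then picks a mechanism from the new stream's features. The function name next_step, the mechanism preference order, and the sample feature documents are constructed assumptions; the two namespaces are the ones defined in RFC 6120.

```python
import xml.etree.ElementTree as ET

NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"    # STARTTLS feature namespace
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"  # SASL mechanisms namespace

# Assumed client preference order (Kerberos, MD5 digest, plain text).
PREFERENCE = ["GSSAPI", "DIGEST-MD5", "PLAIN"]

# Constructed sample: features sent on the first, unencrypted stream.
BEFORE_TLS = """<stream:features xmlns:stream='http://etherx.jabber.org/streams'>
  <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism>PLAIN</mechanism>
  </mechanisms>
</stream:features>"""

# Constructed sample: features on the new stream opened after the TLS upgrade.
AFTER_TLS = """<stream:features xmlns:stream='http://etherx.jabber.org/streams'>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism>DIGEST-MD5</mechanism>
    <mechanism>PLAIN</mechanism>
  </mechanisms>
</stream:features>"""

# Constructed sample: an unencrypted stream that never offers STARTTLS.
NO_STARTTLS = """<stream:features xmlns:stream='http://etherx.jabber.org/streams'>
  <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
    <mechanism>PLAIN</mechanism>
  </mechanisms>
</stream:features>"""

def next_step(features_xml, tls_active):
    """Return ('starttls', None), ('auth', mechanism) or ('abort', reason)."""
    features = ET.fromstring(features_xml)
    offers_tls = features.find(f"{{{NS_TLS}}}starttls") is not None
    offered = [m.text.strip().upper()
               for m in features.iter(f"{{{NS_SASL}}}mechanism") if m.text]
    if not tls_active:
        # Never send credentials, least of all PLAIN, on a cleartext socket.
        if offers_tls:
            return ("starttls", None)
        return ("abort", "server did not advertise STARTTLS")
    for mech in PREFERENCE:
        if mech in offered:
            return ("auth", mech)
    return ("abort", "no acceptable SASL mechanism")

if __name__ == "__main__":
    for doc, tls in [(BEFORE_TLS, False), (AFTER_TLS, True), (NO_STARTTLS, False)]:
        print(next_step(doc, tls))
```

Aborting when STARTTLS is missing means a stripped or altered feature list cannot push the client into authenticating in cleartext.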
Once authentication is complete, a client must bind a resource for the connection and start a session.
If you are watching XMPP traffic on the wire, you will see <bind> and <session> elements — inside
<iq> stanzas — being sent to do these jobs. If the client does not provide a resource to bind, the
server chooses one for it, usually randomly. Also, the server may alter the user’s chosen resource
even if the client provides one.
When two servers connect to each other, the authentication steps are slightly different. The servers
exchange and verify TLS certificates, or the recipient server uses a dialback protocol to verify the
sender’s identity via DNS.
Disconnection
When users are done with their XMPP sessions, they terminate the sessions and disconnect. The
most polite way to terminate a session is to first send unavailable presence and then close the
<stream:stream> element.
By sending a final unavailable presence, the user’s contacts can be informed about the reasons for
the user’s departure. Closing the stream explicitly allows any in-flight stanzas to arrive safely.
A polite disconnection would look like this:
<presence type='unavailable'/>
</stream:stream>
The server then terminates its stream to the client.
SUMMARY
In this chapter, you met the XMPP protocol and learned about its history, use cases, addressing,
vocabulary, and the connection life cycle. You’ve also seen several example XMPP stanzas and
learned about the different entities composing an XMPP network.