Home » blogs » sneakin's blog

SASL Methods

Submitted by sneakin on Wed, 2006/08/16 - 09:31.

I've been secretly and passively working on an XMPP Lisp library. I was having trouble with SASL, but I got that going after properly configuring my server (the order of auth_methods in ejabberd matters!). Since I can actually login, I've been seeing if I can login to my various accounts. So far I haven't had much trouble until I tried to login to Google's Talk server.

For whatever reason, Google decided to invent their own SASL method: X-GOOGLE-TOKEN. This is also the only SASL method they support too!

It might be to brash to damn them just yet. I haven't tried to get TLS working, so the more common methods could still be lurking behind that wall. Consider this a warning to other client developers, you may need to support TLS to play on the Google server.

More updates to follow...

» sneakin's blog | add new comment

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Google token explained

Submitted by Jean-Louis Seguineau (not verified) on Tue, 2006/08/22 - 21:55.

Nolan,

You may want to check this The Mysteries of x-google-token and Why It Mattersto get a better sense of x-google-token.

Using a GTalk client in debug mode show it first does an HTTP authentication and then use the received x-google-token in the private SASL mechanism. In essence it's a two steps SSO.

Regards

Jean-Louis

» reply

Google, SASL

Submitted by ralphm (not verified) on Wed, 2006/08/16 - 13:09.

Indeed, Google's servers only advertise SASL PLAIN when you have established TLS first.

» reply

Other libraries

Submitted by Magnus Henoch (not verified) on Wed, 2006/08/16 - 10:42.

That sounds cool… Not meaning to discourage you in any way, have you looked at cl-xmpp or lisp-jabber?

» reply

The latter is new

Submitted by sneakin on Thu, 2006/08/17 - 06:04.

I never heard of your project. I didn't get to far when I tried cl-xmpp. One difference from mine is that I'm using a push XML parser that I rolled, and I'll most likely end up where djabberd has gone with an extensible server.

» reply

Ad's by Google