git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@278 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Peter Saint-Andre 2006-12-19 17:46:14 +00:00
parent 1e8b1f55eb
commit 01b50d7d3b
1 changed files with 15 additions and 9 deletions

View File

@ -143,7 +143,7 @@
<li>HTTP Client requests object via HTTP.</li>
<li>HTTP Server sends Authenticate Response via HTTP.</li>
<li>HTTP Client sends Authorization Request via HTTP (E1).</li>
<li>HTPP Server processes request and forwards it to XMPP Server.</li>
<li>HTTP Server processes request and forwards it to XMPP Server.</li>
<li>XMPP Server requests confirmation via XMPP (E2).</li>
<li>XMPP Client confirms request via XMPP.</li>
<li>XMPP Server delivers confirmation to HTTP Server.</li>
@ -210,7 +210,7 @@ Authorization: Digest username="juliet@capulet.com",
<p>The HTTP Server MAY offer any other valid authentication scheme, instead of or in addition to the Basic and Digest schemes mentioned above, as long as the scheme makes it possible to specify a userid (JID) and transaction identifier as described above. However, it is RECOMMENDED to implement both the Basic and Digest authentication schemes.</p>
</section3>
</section2>
<section2 topic='HTPP Server Processes Request' anchor='http-process'>
<section2 topic='HTTP Server Processes Request' anchor='http-process'>
<p>Once the HTTP Client has communicated the JID and transaction identifier to the HTTP Server, the HTTP Server MUST verify that the JID is authorized to access the HTTP resource. This may involve JID-level or domain-level access checks, or (depending on local service policies) potentially no access checks at all if only verification is required.</p>
<p>If the JID is authorized to access the HTTP resource, the HTTP Server MUST pass the URL, method, JID, and transaction identifier to the XMPP Server for confirmation. Exactly how this is done is up to the implementation. It is RECOMMENDED for the HTTP Server to connect to the XMPP Server as a trusted server component and to itself generate the confirmation request as described below.</p>
</section2>
@ -225,7 +225,7 @@ Authorization: Digest username="juliet@capulet.com",
to='juliet@capulet.com/balcony'
id='ha000'>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='transaction-identifier'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
</iq>
@ -236,14 +236,20 @@ Authorization: Digest username="juliet@capulet.com",
to='juliet@capulet.com'>
<thread>e0ffe42b28561960c6b12b944a092794b9683a38</thread>
<body>
Someone (maybe you) has requested the file
https://files.shakespeare.lit:9345/missive.html.
Someone (maybe you) has requested the following file:
https://files.shakespeare.lit:9345/missive.html.
The transaction identifier is:
a7374jnjlalasdf82
If you wish to confirm the request, please reply
to this message by typing "OK". If not, please
reply with "No".
</body>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='transaction-identifier'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
</message>
@ -264,7 +270,7 @@ Authorization: Digest username="juliet@capulet.com",
to='files.shakespeare.lit'
id='ha000'>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='transaction-identifier'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
<error code='401' type='auth'>
@ -278,7 +284,7 @@ Authorization: Digest username="juliet@capulet.com",
to='files.shakespeare.lit'>
<thread>e0ffe42b28561960c6b12b944a092794b9683a38</thread>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='transaction-identifier'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
</message>
@ -290,7 +296,7 @@ Authorization: Digest username="juliet@capulet.com",
to='files.shakespeare.lit'>
<thread>e0ffe42b28561960c6b12b944a092794b9683a38</thread>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='transaction-identifier'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
<error code='401' type='auth'>