JSJaC inherit

When integrating a web chat (like JWChat) into your existing community most likely you don’t want to have your users sign in a second time just for the chat. A possible solution to this problem domain is to let your web server handle BOSH session instantiation and xmpp authentication. Once successfull you can pass the credentials (i.e. the runtime data) of this BOSH session to JSJaC. There’s an undocumented method call ‘inherit’ which handles this.
Here’s a fine tutorial on how to do this: Chat Hacking, Part II

One Response to JSJaC inherit


Comments

  1. Comment by Simon Wilkinson | 2009/01/17 at 18:04:36

    We actually achieve the same kind of idea, but in different ways. We have a Kerberos based single signon environment – and we wanted to use Kerberos to allow Web users to authenticate through JWChat to our web server. To do so, we protect the HTTP session that the HTTP bind is running on, and patch JWChat to request the EXTERNAL authentication mechanism. At the other end of the HTTP bind connection we have a modified punjab, which swallows the SASL EXTERNAL request, and instead initiates a SASL GSSAPI (a Kerberos encapsulation) connection with our Jabber server. Only once that is sucessful does punjab return a response to JWChat indicating that the user is authenticated.

    In this way, we can transparently authenticate users against our service, without either the client, or the server being aware that anything peculiar is going on. More details are at http://blob.inf.ed.ac.uk/sxw/2008/09/19/integrating-jabber-web-interfaces-with-cosign-and-other-sso-technologies/


Comments are closed