登陆密码验证由StazaHandler的 ("auth".equals(tag)) {
// User is trying to authenticate using SASL startedSASL = true; // Process authentication stanza saslStatus = SASLAuthentication.handle(session, doc); 处理。
最简单的当属PLAIN方式(base64编码)
SASLAuthentication 解码base64码 token = StringUtils.decodeBase64(doc.getText().trim()); SaslServerPlainImpl PLAIN码的验证 public byte[] evaluateResponse(byte[] response) throws SaslException {
if (completed) {
throw new IllegalStateException("PLAIN authentication already completed"); } if (aborted) {
throw new IllegalStateException("PLAIN authentication previously aborted due to error"); } try {
if(response.length != 0) {
String data = new String(response, "UTF8"); StringTokenizer tokens = new StringTokenizer(data, ""); if (tokens.countTokens() > 2) {
username = tokens.nextToken(); principal = tokens.nextToken(); } else {