XMPP 协议 请求多次
第一次Http-bind
(1) 客户端发起bosh会话 流初始化 建立TCP连接,发送如下格式数据
<body rid='2883488142'
xmlns='http://jabber.org/protocol/httpbind' to='xw-im' xml:lang='en' wait='60' hold='1' content='text/xml; charset=utf-8' ver='1.6' xmpp:version='1.0'
xmlns:xmpp='urn:xmpp:xbosh'/>
(2) 服务端应答流初始化
<body xmlns="http://jabber.org/protocol/httpbind" xmlns:stream="http://etherx.jabber.org/streams" from="xw-im" authid="79l2h39keg" sid="79l2h39keg" secure="true" requests="2" inactivity="30" polling="5" wait="60" hold="1" ack="3553752998" maxpause="300" ver="1.6"><stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>CRAM-MD5</mechanism><mechanism>DIGEST-MD5</mechanism></mechanisms><register xmlns="http://jabber.org/features/iq-register"/><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/><session xmlns="urn:ietf:params:xml:ns:xmpp-session"><optional/></session></stream:features></body>
第二次http-bind
(3) 客户端选择认证机制 是一种常见Challenge-Response认证机制
<body rid='3553752999' xmlns='http://jabber.org/protocol/httpbind' sid='79l2h39keg'><auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='SCRAM-SHA-1'>biwsbj0zYTJhNDIyZDBmOWMxMWVhYjYzYTAyNDJhYzE2MDAwMixyPWQ0MWQ4Y2Q5OGYwMGIyMDRlOTgwMDk5OGVjZjg0Mjdl</auth></body>
第三次http-bind
(5) 发送用户名和密码登录
<body rid='3553753000' xmlns='http://jabber.org/protocol/httpbind' sid='79l2h39keg'><response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>Yz1iaXdzLHI9ZDQxZDhjZDk4ZjAwYjIwNGU5ODAwOTk4ZWNmODQyN2U4ZWI1MTNjZS0zN2U1LTQyODYtOWJmYS0zZDhiMDIyMWM1Y2EscD01MWcrY3hEeGY4NVVsVHhERFlqQ29YNnVpSEE9</response></body>
(6) 服务器响应告知校验结果
<body xmlns='http://jabber.org/protocol/httpbind' ack='3553753000'><success xmlns="urn:ietf:params:xml:ns:xmpp-sasl">dj14QktvQTM3OHlldlRoQ0ZmWVUzcU8vV1Jpd289</success></body>
第四次http-bind
(7)客户端重新初始化stream流
<body rid='3553753001' xmlns='http://jabber.org/protocol/httpbind' sid='79l2h39keg' to='xw-im' xml:lang='en' xmpp:restart='true' xmlns:xmpp='urn:xmpp:xbosh'/>
(8)服务器通知完成资源绑定
<body xmlns="http://jabber.org/protocol/httpbind" xmlns:stream="http://etherx.jabber.org/streams"><stream:features><register xmlns="http://jabber.org/features/iq-register"/><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/><session xmlns="urn:ietf:params:xml:ns:xmpp-session"><optional/></session></stream:features></body>
第五次http-bind
(9)客户端请求资源绑定认证
<body rid='3553753002' xmlns='http://jabber.org/protocol/httpbind' sid='79l2h39keg'><iq type='set' id='_bind_auth_2' xmlns='jabber:client'><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'/></iq></body>
(10)服务器应答
<body xmlns='http://jabber.org/protocol/httpbind' ack='3553753002'><iq type="result" id="_bind_auth_2" to="xw-im/79l2h39keg" xmlns="jabber:client"><bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"><jid>3a2a422d0f9c11eab63a0242ac160002@xw-im/79l2h39keg</jid></bind></iq></body>
第六次http-bind
(11)客户端请求session会话认证
<body rid='3553753003' xmlns='http://jabber.org/protocol/httpbind' sid='79l2h39keg'><iq type='set' id='_session_auth_2' xmlns='jabber:client'><session xmlns='urn:ietf:params:xml:ns:xmpp-session'/></iq></body>
(12)服务器应答
<body xmlns='http://jabber.org/protocol/httpbind' ack='3553753003'><iq type="result" id="_session_auth_2" to="3a2a422d0f9c11eab63a0242ac160002@xw-im/79l2h39keg" xmlns="jabber:client"/></body>
第七次http-bind
客户端请求指定sid是否在线
服务器应答在线状态。
https://www.cnblogs.com/wuxinzhe/p/6619209.html
Openfire的以前的Web实现,是基于Http-bind的一种长轮询机制,当然也没什么不好,只是我现在HTML5都开始了,
当然希望能够来个基于Websocket的机制了
https://www.cnblogs.com/unqiang/p/7805760.html
chrome日志分析客户端浏览器PC登录im系统流程
xmpp安全机制 https://blog.csdn.net/mindfloating/article/details/7374449