The <key/> tag
The <key/> tag is used in registration and search sequences to add a simple form of security between the service and the entity requesting the service. It enables the service, the responder, to verify that the requester from whom it has just received an IQ-set is the same requester that had sent an IQ-get earlier. This security mechanism predates the server-to-server dialback mechanism, described in Chapter 4. Since the advent of dialback, the relevance of the <key/> tag usage has been reduced.
If a component wants to determine who ought to be allowed to partake of its registration or search services, it would make sense to make the determination when responding to an initial IQ-get, the “can I do this, and what do I have to do?” request. If the request is to be denied, the component can send back an IQ-error, say, with an error 405 “Not Allowed” (see Table 5-3).
If, however, the component determines that the requester should be allowed to use the service (with an IQ-set), it can send back an IQ-result containing a <key/> tag along with the rest of the instructions and fields. The <key/> tag contains a random string, such as a message digest of the requester’s JID combined with a secret phrase. When the requester is ready to make the IQ-set, the “OK, I’d like to use this service, and here’s the data” request, the <key/> tag must be included, with the contents intact. On receipt of the IQ-set, the component doesn’t have to determine whether the requester is allowed ...
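The issue-then-verify flow described above, as an added example that is not from the book or from any Jabber component: the key is computed on the IQ-get and recomputed and compared on the IQ-set. Assumptions: HMAC-SHA256 as the digest construction, the `jabber:iq:register` namespace, the `from` attribute as delivered to the component, and hypothetical function names, JIDs and secret.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = "jabber:iq:register"             # registration namespace; search works the same way
SECRET = b"constructed secret phrase"  # assumption: known only to the component

def make_key(jid, secret=SECRET):
    # Digest of the requester's JID combined with the secret phrase.
    # HMAC-SHA256 is this example's choice of digest construction.
    return hmac.new(secret, jid.encode("utf-8"), hashlib.sha256).hexdigest()

def extract_key(stanza):
    # Text of <query><key/></query>, or "" when the tag is absent or empty.
    return (ET.fromstring(stanza).findtext(f"{{{NS}}}query/{{{NS}}}key") or "").strip()

def answer_get(iq_get):
    # IQ-get -> IQ-result carrying a <key/> bound to the requester's JID.
    req = ET.fromstring(iq_get)
    jid = req.get("from")
    if not jid:
        raise ValueError("IQ-get has no from attribute")
    res = ET.Element("iq", {"type": "result", "to": jid, "id": req.get("id", "")})
    query = ET.SubElement(res, f"{{{NS}}}query")
    ET.SubElement(query, f"{{{NS}}}key").text = make_key(jid)
    return ET.tostring(res, encoding="unicode")

def check_set(iq_set):
    # IQ-set is accepted only if its <key/> matches the digest for its sender.
    jid = ET.fromstring(iq_set).get("from") or ""
    expected = make_key(jid)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(extract_key(iq_set).encode("utf-8"), expected.encode("utf-8"))

# Constructed sample stanzas (JIDs and ids are made up for this example).
IQ_GET = ('<iq type="get" from="alice@example.com/home" to="reg.example.com" id="r1">'
          '<query xmlns="jabber:iq:register"/></iq>')
IQ_SET = ('<iq type="set" from="{jid}" to="reg.example.com" id="r2">'
          '<query xmlns="jabber:iq:register"><username>alice</username>'
          '<key>{key}</key></query></iq>')

if __name__ == "__main__":
    key = extract_key(answer_get(IQ_GET))
    print(check_set(IQ_SET.format(jid="alice@example.com/home", key=key)))
    print(check_set(IQ_SET.format(jid="mallory@example.com/x", key=key)))
```

Because the key in this example depends only on the JID and the secret, the component keeps no per-request state between the IQ-get and the IQ-set.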