Tls?

Is there a way to secure the transport? currently you can use https/http/socket, and if TLS is required on the server it doesnt connect when set to socket?

Sparkweb works great with HTTPS. There was some work being done to support TLS over the socket, but its not there currently. (Im not sure what the status of that is).

Status is that when I applied the patch I kept getting disconnected, and I didn’t have time to work out what was wrong :confused:

At the moment I’m not really working on SparkWeb or XIFF much beyond minimal maintenance (I’m not at Jive anymore) so we’ll have to hope someone else gets to it.

bleh, I suppose thats how it goes with opensource though!

I have taken a look and found it works. The disconnection from port 5222 was normal behaviour, but SparkWeb unloaded before the connection could be established to port 5223 for TLS. The fix is a test to confirm TLS is active before dispatching the disconnect event in XMPPSocketConnection.as.

override public function disconnect():void
{
if( isActive() ) {
sendXML( closingStreamTag );

if(bTLSenabled){
 tlsSocket.close();
}else{
 binarySocket.close();
}

active = false;
loggedIn = false;

if(bTLSenabled){
 var event:DisconnectionEvent = new DisconnectionEvent();
 dispatchEvent(event);
}

}
}