* how to do authinfo for only one group?
@ 1996-03-20 21:44 Joe Hildebrand
1996-03-21 18:12 ` Lars Magne Ingebrigtsen
0 siblings, 1 reply; 5+ messages in thread
From: Joe Hildebrand @ 1996-03-20 21:44 UTC (permalink / raw)
ok, i'm back in Denver, and i'm real close to an nndb delivery. i
have one thing left to test, which is the authinfo stuff. you do i
tell sgnus to only try to send authinfo for one group? or does
calling nntp-send-authinfo not send authorization if it isn't
requested?
--
Joe Hildebrand Fuentez Systems Concepts
hildjj@fuentez.com Lead Software Engineer
"Breakfast recapitulates phylogeny" - Spider Robinson
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: how to do authinfo for only one group?
1996-03-20 21:44 how to do authinfo for only one group? Joe Hildebrand
@ 1996-03-21 18:12 ` Lars Magne Ingebrigtsen
1996-03-21 20:10 ` Greg Stark
0 siblings, 1 reply; 5+ messages in thread
From: Lars Magne Ingebrigtsen @ 1996-03-21 18:12 UTC (permalink / raw)
Joe Hildebrand <hildjj@fuentez.com> writes:
> you do i tell sgnus to only try to send authinfo for one group? or
> does calling nntp-send-authinfo not send authorization if it isn't
> requested?
No, that sends authinfo whenever it connects. You could put a
definition of `nntp-server-opened-hook' that includes the function to
send authinfo in the select method used for that group.
--
"Yes. The journey through the human heart
would have to wait until some other time."
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: how to do authinfo for only one group?
1996-03-21 18:12 ` Lars Magne Ingebrigtsen
@ 1996-03-21 20:10 ` Greg Stark
1996-03-22 0:00 ` Joe Hildebrand
1996-03-22 18:48 ` Lars Magne Ingebrigtsen
0 siblings, 2 replies; 5+ messages in thread
From: Greg Stark @ 1996-03-21 20:10 UTC (permalink / raw)
Cc: ding
Well, it's clear what is intended, i'm not sure how to make Gnus do this, but
your server should probably follow this, aS well as supporting the common
practice of allowing the client to authenticate immediately after the start of
the session.
When authorization is required, the server will send a 480
response requesting authorization from the client. The
client must enter AUTHINFO USER followed by the username.
Once sent, the server will cache the username and send a
381 response requesting the password associated with that
username. The client must enter AUTHINFO PASS followed by
the password for the username. The server will then check
the authentication database to see if the username/password
combination is valid. If the combination is valid, the
server will return a 281 response. The client should then
retry the original command to which the server responded
with the 480 response. The command should then be processed
by the server normally. If the combination is not valid,
the server will return a 502 response.
Clients must provide authentication when requested by the server.
It is possible that some implementations will accept authentication
information at the beginning of a session, but this was not the
original intent of the specification. If a client attempts to
reauthenticate, the server may return 482 response indicating
that the new authentication data is rejected by the server.
The 482 code will also be returned when the AUTHINFO commands
are not entered in the correct sequence (like two AUTHINFO
USERs in a row, or AUTHINFO PASS preceding AUTHINFO USER).
Except that this excerpt comes from an expired draft from a working group that
was dissolved. In fact I should mention to Lars that i was deceived when i
suggested AUTHINFO GENERIC was something useful for Gnus to support. AUTHINFO
GENERIC, as it's name implies, is intended to allow people to experiment with
other authentication schemes. It doesn't specify any particular protocol.
In fact it turns out no authentication scheme could possibly be secure given
its framework.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: how to do authinfo for only one group?
1996-03-21 20:10 ` Greg Stark
@ 1996-03-22 0:00 ` Joe Hildebrand
1996-03-22 18:48 ` Lars Magne Ingebrigtsen
1 sibling, 0 replies; 5+ messages in thread
From: Joe Hildebrand @ 1996-03-22 0:00 UTC (permalink / raw)
> "Greg" == Greg Stark <gsstark@mit.edu> writes:
Greg> Well, it's clear what is intended, i'm not sure how to make
Greg> Gnus do this, but your server should probably follow this, aS
Greg> well as supporting the common practice of allowing the client
Greg> to authenticate immediately after the start of the session.
Greg> When authorization is required, the server will send a
Greg> 480 response requesting authorization from the client. The
Greg> client must enter AUTHINFO USER followed by the
Greg> username. ...
I'm actually doing all of this stuff, now. Should ding send
authorization whenever it gets a 480 response?
The perl code is ready. I'm writing a delivery agent in C, so that
you won't have to exec perl every time you get a mail message. When
that is done, I'll post everything. Looks like tommorrow.
--
Joe Hildebrand Fuentez Systems Concepts
hildjj@fuentez.com Lead Software Engineer
"Breakfast recapitulates phylogeny" - Spider Robinson
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: how to do authinfo for only one group?
1996-03-21 20:10 ` Greg Stark
1996-03-22 0:00 ` Joe Hildebrand
@ 1996-03-22 18:48 ` Lars Magne Ingebrigtsen
1 sibling, 0 replies; 5+ messages in thread
From: Lars Magne Ingebrigtsen @ 1996-03-22 18:48 UTC (permalink / raw)
gsstark@MIT.EDU (Greg Stark) writes:
> When authorization is required, the server will send a 480
> response requesting authorization from the client.
I've now added this to the Red Gnus todo list. I don't think it's all
that important, though -- no nntp servers choke on getting an AUTHINFO
on connection. Although that sounds a bit insecure, come to think of
if. One doesn't want to send passwords to servers that do not ask for
them...
--
"Yes. The journey through the human heart
would have to wait until some other time."
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~1996-03-22 18:48 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1996-03-20 21:44 how to do authinfo for only one group? Joe Hildebrand
1996-03-21 18:12 ` Lars Magne Ingebrigtsen
1996-03-21 20:10 ` Greg Stark
1996-03-22 0:00 ` Joe Hildebrand
1996-03-22 18:48 ` Lars Magne Ingebrigtsen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).