Gnus development mailing list
From: gsstark@MIT.EDU (Greg Stark)
Cc: ding@ifi.uio.no
Subject: Re: how to do authinfo for only one group?
Date: 21 Mar 1996 15:10:10 -0500
Message-ID: <ycqu3zi2onx.fsf@fierce-bad-rabbit.MIT.EDU>
In-Reply-To: larsi@ifi.uio.no's message of 21 Mar 1996 19:12:28 +0100


Well, it's clear what is intended; I'm not sure how to make Gnus do this, but
your server should probably follow this, as well as supporting the common
practice of allowing the client to authenticate immediately after the start of
the session.

    When authorization is required, the server will send a 480
    response requesting authorization from the client. The
    client must enter AUTHINFO USER followed by the username.
    Once sent, the server will cache the username and send a
    381 response requesting the password associated with that
    username. The client must enter AUTHINFO PASS followed by
    the password for the username. The server will then check
    the authentication database to see if the username/password
    combination is valid. If the combination is valid, the
    server will return a 281 response. The client should then
    retry the original command to which the server responded
    with the 480 response. The command should then be processed
    by the server normally. If the combination is not valid,
    the server will return a 502 response.

    Clients must provide authentication when requested by the server. 
    It is possible that some implementations will accept authentication
    information at the beginning of a session, but this was not the 
    original intent of the specification.  If a client attempts to
    reauthenticate, the server may return 482 response indicating
    that the new authentication data is rejected by the server.
    The 482 code will also be returned when the AUTHINFO commands
    are not entered in the correct sequence (like two AUTHINFO
    USERs in a row, or AUTHINFO PASS preceding AUTHINFO USER).

Except that this excerpt comes from an expired draft from a working group that
was dissolved.  In fact I should mention to Lars that I was deceived when I
suggested AUTHINFO GENERIC was something useful for Gnus to support.  AUTHINFO
GENERIC, as its name implies, is intended to allow people to experiment with
other authentication schemes.  It doesn't specify any particular protocol.
In fact it turns out no authentication scheme could possibly be secure given
its framework.
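
The AUTHINFO USER/PASS sequence from the draft text quoted in the message, modelled as a server-side state machine in Python. This is an added example, not part of the original message or of Gnus; the class name, group names and credentials are constructed, and clearing the cached username after a password attempt is an assumption the excerpt does not state.

```python
import hmac

class AuthinfoSession:
    """Server-side AUTHINFO USER/PASS state, following the quoted draft text."""
    def __init__(self, users, restricted_groups):
        self.users = users                    # username -> password (constructed)
        self.restricted = restricted_groups   # groups that require authorization
        self.pending_user = None              # username cached by AUTHINFO USER
        self.authenticated = False

    def handle(self, line):
        """Return the numeric response code for one client command line."""
        parts = line.strip().split(None, 2)
        verb = parts[0].upper() if parts else ""
        if verb == "AUTHINFO" and len(parts) == 3:
            return self._authinfo(parts[1].upper(), parts[2])
        if verb == "GROUP" and len(parts) == 2:
            if parts[1] in self.restricted and not self.authenticated:
                return 480                    # authorization required
            return 211                        # group selected
        return 500                            # command not recognized

    def _authinfo(self, kind, value):
        if self.authenticated:
            return 482                        # reauthentication rejected
        if kind == "USER":
            if self.pending_user is not None:
                return 482                    # two AUTHINFO USERs in a row
            self.pending_user = value
            return 381                        # password required
        if kind == "PASS":
            if self.pending_user is None:
                return 482                    # PASS preceding USER
            user, self.pending_user = self.pending_user, None  # assumption: reset
            expected = self.users.get(user, "")
            same = hmac.compare_digest(expected.encode(), value.encode())
            if user in self.users and same:
                self.authenticated = True
                return 281                    # authentication accepted
            return 502                        # combination not valid
        return 501                            # syntax error in AUTHINFO

def replay(session, lines):
    """Feed client lines to the session and collect the response codes."""
    return [session.handle(line) for line in lines]

if __name__ == "__main__":
    demo = ["GROUP private.test", "AUTHINFO USER joe", "AUTHINFO PASS s3cret"]
    print(replay(AuthinfoSession({"joe": "s3cret"}, {"private.test"}), demo + demo[:1]))
```

Because AUTHINFO USER is accepted without a preceding 480, the same state machine also covers the practice of authenticating right after the start of the session.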


Thread overview: 5+ messages
1996-03-20 21:44 Joe Hildebrand
1996-03-21 18:12 ` Lars Magne Ingebrigtsen
1996-03-21 20:10   ` Greg Stark [this message]
1996-03-22  0:00     ` Joe Hildebrand
1996-03-22 18:48     ` Lars Magne Ingebrigtsen
