(RADIATOR) Feature Request: <AuthBy IMAPS>

Karl Gaissmaier karl.gaissmaier at kiz.uni-ulm.de
Sat Nov 13 12:33:15 CST 2004


Hi Mike,

Mike McCauley schrieb:
...
>>Not yet, after sleeping over it I'll refactore it
>>to put also the _auth_imap() call into findUser()
>>to circumvent the dirty hack with Password=Dummy
>>and not giving the socket object in $self->{_imap_sock}
>>out of control. I'll rewrite it to the following
>>scheme
> 
> 
> I dont know if thats right.
> You have to implement check_plain_password, and it has to actually check the 
> password, so I dont think you can refactor that way.

hmm, perhaps I can't explain it since my english isn't very well.

The trick is, that I don't have to implement chack_plain_password
since I check already in findUser the imap authentication and
force the AuthGeneric::check_plain_password to match
or miss by proper choosen check-item passwords.

If the imap auth is successful, I return a user with a
synthetical check-item Password=typed-in-password
so the AuthGeneric::check_plain_password matches.

If the imap auth isn't successful I return
with a faked check-item Password=which-never-matches
so the AuthGeneric::check_plain_password rejects.

I'll code this, since perl is semantical stricter then
my explanation in bad english so we can discuss about
the different implementations with pro and cons.

Best regards
	Charly
-- 
Karl Gaissmaier       KIZ/Infrastructure, University of Ulm, Germany
Email:karl.gaissmaier at kiz.uni-ulm.de           Service Group Network

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list