On Mon, Jun 25, 2001 at 11:27:31AM -0400, Tony Byers wrote:
> Hello,
>
> Could anyone tell me why the server needs to pass through authreg.c twice
> for a sign on? And why does it have the username but not the password
> on the first pass? Lastly, is there any way to get the password on the
> first pass? I would like to see if the user comes up as null, then do
> an automatic register (assuming they pass a kerberos check). If anyone
> knows of a better way to do this, I would really appreciate any advice.
(1) twice, because of an iq-get to discover authentication methods available,
followed by an iq-set to send the credentials
(2) it only has the username on the first pass as this is the iq-get, and
the username is needed (nothing else) to look up the user's spool data,
so the auth modules can see if the appropriate data is stored for that
user and that method
(3) auto-register, "comes up as null"? - hmm. If a user doesn't exist,
you get a 401 unauthorized, not a null, on an authentication (iq-set)
attempt. One way would be to look into how iq:register works - e.g. if
you try and register an *existing* user you get an error (409 Not
Available, I think) whereas if the user doesn't exist, the registration
is successful. I'm not sure this is a good idea anyway, I'm just
thinking aloud.
There's also the <auth/> 'hack' which allows you to substitute your
own-rolled authentication mechanism(s), which you might want to look
into, as it would give you more control over things.
Hope that helps
dj
_______________________________________________
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev
