Menu
▾
▴
Re: Authorization with Authen::SASL::Perl::External
|
From: Norbert K. <nor...@da...> - 2002-05-08 07:33:52
|
--On Dienstag, 7. Mai 2002 10:42 -0700 "Kurt D. Zeilenga"=20 <Ku...@Op...> wrote: >> Hi, >> RFC2222 says that in the EXTERNAL mechanism "The client sends an initial >> response with the authorization identity." > > It also says: > If the client sends the empty string as the authorization identity... > > Unless the client is attempting proxy authorization, the client > should send an empty string. This has been discussed in great > detail on the iet...@im... mailing list. Seems I mixed up the terminology. Just to be sure: authname =3D authENTICATION identity user =3D authORIZATION identity Correct? Nevertheless, the EXTERNAL mechanism has only one round trip so that the=20 authorize-id needs to be send in client_start. client_step will never get=20 called and can be removed. Also, the noanonymous flag can be set. See=20 attached patch. --=20 Dipl.-Inform. Norbert Klasen DAASI International GmbH phone: +49 7071 29 70336 Wilhelmstr. 106 fax: +49 7071 29 5114 72074 T=FCbingen email: nor...@da... Germany web: http://www.daasi.de |
