[JDEV] Should registration be always initiated by the client?

Thomas Muldowney temas at box5.net
Wed Oct 10 10:38:15 CDT 2001


Basically sounds like you just want a new auth module for a Radius.
Nothing too major there, but you would need to make sure the module
checks that their other information is setup (the register part).

--temas

On Wed, Oct 10, 2001 at 12:45:17AM +0800, Miguel A.L. Paraz wrote:
> Hi,
> Thanks to all who helped with my previous question on changing responses
> for nonexistent users.
> 
> What I wanted to do was:
> 1. Client asks to login with username and password
> 2. Server says user does not exist
> 3. Client asks to registers user, automatically uses dialup password
> 4. Server uses RADIUS to check if password is valid, and registers if so
> 5. Client asks to login
> 6. Server accepts login
> 
> What about doing it this way:
> 1. Client asks to login with username and password
> 2. Server finds that user does not exist, checks password using RADIUS,
>    logs in.
> 
> Based on my limited experience, it seems that the first way is the right
> way to do it, though the server has to reveal the fact that the user does
> not exist.  This is not done in the second way, but, we have to do
> the user check, registration and login in one step which does not seem
> right.
> 
> Thanks in advance!
> 
> 
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20011010/3442ba76/attachment-0002.pgp>


More information about the JDev mailing list