[Standards] rfc3920bis: SASL "fallback" on auth failure

Maciek Niedzielski machekku at uaznia.net
Wed Mar 26 10:48:52 UTC 2008


Alexey Melnikov pisze:
> Ralph Meijer wrote:
>> On Tue, 2008-03-25 at 15:16 -0600, Peter Saint-Andre wrote:
>>> Evan Schoenberg of the Adium project pinged offlist regarding the proper
>>> behavior for a client to follow if SASL authentication fails using one
>>> mechanism but other mechanisms are available.
>>> [..]
>> If one mechanism fails with <not-authorized/>, why would another one
>> succeed, exactly?
> Because different mechanisms might be using different authentication 
> databases. For example DIGEST-MD5 and GSSAPI.
Is it usually possible for the server to know that failure was caused by 
using wrong method? If yes, maybe it would be worth adding a different 
error for this case?

-- 
Maciek
  xmpp:machekku at uaznia.net



More information about the Standards mailing list