[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS gsasl/doc
From: |
gsasl-commit |
Subject: |
CVS gsasl/doc |
Date: |
Sun, 07 Nov 2004 17:26:50 +0100 |
Update of /home/cvs/gsasl/doc
In directory dopio:/tmp/cvs-serv9109
Modified Files:
gsasl.texi
Log Message:
Fix.
--- /home/cvs/gsasl/doc/gsasl.texi 2004/11/07 16:05:36 1.92
+++ /home/cvs/gsasl/doc/gsasl.texi 2004/11/07 16:26:50 1.93
@@ -1312,10 +1312,10 @@
application using it. To handle these differences the library can use
a callback function into your application in several different ways.
Some mechanisms, such as @samp{PLAIN}, are simple to explain and use.
-The client callback for these mechanisms is implement by querying the
-user for a username and password. The server callback hand the
-username and password into any local policy deciding authentication
-system (such as @file{/etc/passwd} via PAM).
+The client callback for these mechanisms should query the user for a
+username and password. The server callback hand the username and
+password into any local policy deciding authentication system (such as
address@hidden/etc/passwd} via PAM).
Mechanism such as @samp{CRAM-MD5} and @samp{DIGEST-MD5} uses hashed
passwords. The client callback are the same as for PLAIN. However,
@@ -1352,11 +1352,11 @@
@section The EXTERNAL mechanism
The EXTERNAL mechanism is used to authenticate a user to a server
-using some out-of-band authentication environment. EXTERNAL is often
-used within TLS or IPSEC protected channels. Note that in the server,
-you need to make sure that TLS and IPSEC actually authenticated the
-client successfully. It is normally not sufficient for TLS and IPSEC
-to be used, since they provided anonymous modes.
+based on out-of-band authentication. EXTERNAL is typically used over
+TLS authenticated channels. Note that in the server, you need to make
+sure that TLS actually authenticated the client successfully. It is
+normally not sufficient that TLS is used, since they also support
+anonymous modes.
In the client, this mechanism is always enabled, and will send the
@code{GSASL_AUTHZID} property as the authorization name to the server,
@@ -1385,7 +1385,7 @@
In the server, this mechanism will invoke the
@code{GSASL_VALIDATE_ANONYMOUS} callback to decide whether the client
should be permitted to log in. Your callback can retrieve the
address@hidden property, for example to store it in a
address@hidden property to, for example, save it in a
log file. The token is normally not used to decide whether the client
should be permitted to log in or not.
- CVS gsasl/doc, gsasl-commit, 2004/11/05
- CVS gsasl/doc, gsasl-commit, 2004/11/05
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc,
gsasl-commit <=
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/07
- CVS gsasl/doc, gsasl-commit, 2004/11/13
- CVS gsasl/doc, gsasl-commit, 2004/11/18
- CVS gsasl/doc, gsasl-commit, 2004/11/18