MySQL module

Karjala karjala_lists at karjala.org
Mon Jul 3 13:31:43 UTC 2006


I also know what challenge/response means.

One of the things I don't understand is how allowing plaintext passwords 
will make challenge/response type stuff to happen.

Thanks,

 - Alex


Karjala wrote:
> I don't really know how authentication works. How many different modes 
> of authentication are there?
>
> I know what SSL means (from the web), and I know what Basic 
> authentication is on the web.
>
> How do TLS, cleartext, encrypted passwords, "the weakest type of auth" 
> and plaintext relate to the above?
>
> Thanks,
>
> - Alex
>
>
> Brad Fitzpatrick wrote:
>> Nice.
>>
>> Can you make it support "can_retrieve_cleartext" when encrypted 
>> passwords
>> are disabled?
>>
>> Because as is, your module only supports the weakest type of auth, which
>> requires users passwords to going flying about, and a lot of Jabber
>> clients complain loudly about that.
>>
>> If you're able to give DJabberd the plaintext password, though, it 
>> will do
>> all the challenge/response type stuff so clients don't complain.
>>
>> - Brad
>>
>>
>> On Mon, 3 Jul 2006, Karjala wrote:
>>
>>  
>>> Instructions are in the POD. I tested it, it works.
>>>
>>>
>>> Brad Fitzpatrick wrote:
>>>    
>>>> You going to write the MySQL authen plugin?
>>>>
>>>>       
>>>     
>>
>>   
>
>
>




More information about the Djabberd mailing list