On Jan 3, 2007, at 3:03 PM, Dave Cridland wrote:
Unless you can tell me that there is a properly-documented API for
an ACAP library that's deployed on as many platforms (including
Java) as SASL already is, *AND* that it's no harder to write/
modify an application to use ACAP than it is to use SASL, then
I'm not interested. Sorry. You're welcome to try to convince
me, but it sounds off-topic for this list.
ACAP is merely an example of a protocol that got the SASL profile
right, not a replacement for SASL. It does the full range of
signalling required, so you know what to do on failure, and it also
handles both initial responses and data on success, to drop the
round-trip count.
OK, I'll consider it an example to look at (once I have the basics I
already understand done).
In my current experiments Cyrus SASL doesn't appear to work when
you call sasl_client_start() with the second mechanism to try.
There are a lot of variables here, and a better-than-even chance
the problem is in my code, not the library. Once I have
something properly working I'll revisit this issue. I gather
you're claiming that ACAP solves this (and other) problems. See
above.
No, sasl_client_new() is once per connection. sasl_client_start()
is once per authentication attempt. <sasl/sasl.h> has some useful
documentation, look for "Basic client model".
Saw that. It's the only documentation I found that even partly
covered how to try multiple mechanisms. At least for my (lack of)
experience, it wasn't adequate for my first attempt. I've since
gotten an outline from Simon W. which is more apropos.
------------------------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@xxxxxxxxxxxx, or hbhotz@xxxxxxx
