> > The password is not encryped, so this method is only safe if you use TLS. > > Can you describe what you are trying to achieve exactly through this > auth_plain_verify_credentials callback? I assume you want to check the > (username, password) against 'something' once you got them from the client? I implemented a prototype in spiceterm: https://git.proxmox.com/?p=spiceterm.git;a=commitdiff;h=12fe052c0947d5eae07274e98165f0dc6efce134 That simply connects to the lo local PVE API to verify username/password. _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel