Re: SASL support

Sun, 18 Nov 2001 09:00:20 -0800 

Quoting Harmeet <[EMAIL PROTECTED]>:
> This does seem interesting. You should submit patches to this list. My
> preference is to have both source file and diff -u. Alternativly whatever
> is convenient for you. Help is appreciated.
> This is the correct list for questions about implementation etc.
> 
> The best steps could be to
> - Identify a client that you are using to test SASL. Preferably cross
> platform, so that others can easily test it too.
> - Add SASL support in SMTP.  At least <doAuth> and <doEHLO> method in
> SMTPHandler.java would need to be changed. Please ask if you need some
> help.

Yup, these are the two I have modified. I also added another supporting class
that implements the actual SMTP SASL profile stuff. Attached are the diffs
showing the changes to SMTPHandler.java and the new SaslProfile.java file.

I do have some questions though:

 - Is there an something (document / mailing list message etc.) that explains
how the logging works and how I go about configuring it? I'd like to use better
logging.

 - I somehow need to make use of the JAMES password databases, but I'm not quite
sure how to go about this. The SRP mechanisms in particular have specific
requirements, since they use verifiers and not passwords and have other
password-related configuration information. Any ideas?

 - It appears that all configuration information is in the .xml files and is
then read into a Configuration object that is passed to the configure method of
the class. Is this correct, and if so should I just add the SASL-related
information to the smtpserver section in the james-config.xml file?

> Harmeet

It's not that easy to test this at the moment, since I had to make some changes
(okay bug fixes ;-) to the SASL library while I was implementing. These changes
are only in the CVS version on SourceForge. The (Java) test client I'm using is
also there. I'll post detailed instructions once we've made a new release of the
library and I've got the details sorted out. So far, SRP and PLAIN work nicely
for authentication, but without a security layer.

  - Keith

Attachment: SMTPHandler.java.unified-diff
Description: Binary data

Attachment: SMTPHandler.java.context-diff
Description: Binary data

Attachment: SMTPHandler.java
Description: Binary data

Attachment: SaslProfile.java
Description: Binary data

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to