felixauringer commented on PR #3044: URL: https://github.com/apache/james-project/pull/3044#issuecomment-4496037996
> We are either authenticated or STARTTLS is active Okay, I removed all calls of `stopDetectingCommandInjection` except one in `authSuccess`. Before, it was also called if authentication had failed. Another question: After a successful authentication, the server tries to provision the mailboxes for the user but ignores potential errors. The authentication is not aborted. Is that the behavior you would like in that case? Before my changes, the server would send a `NO` reply but not reset the session, so I guess the session would have been authenticated. That's weird behavior that I would like to get rid off but I am not sure what the correct behavior would be. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
