Multiple-Mechanism Sample Code?

[Henry B. Hotz]

On Jan 3, 2007, at 3:03 PM, Dave Cridland wrote:

>> Unless you can tell me that there is a properly-documented API for  
>> an  ACAP library that's deployed on as many platforms (including  
>> Java) as  SASL already is, *AND* that it's no harder to write/ 
>> modify an  application to use ACAP than it is to use SASL, then  
>> I'm not  interested.  Sorry.  You're welcome to try to convince  
>> me, but it  sounds off-topic for this list.
> ACAP is merely an example of a protocol that got the SASL profile  
> right, not a replacement for SASL. It does the full range of  
> signalling required, so you know what to do on failure, and it also  
> handles both initial responses and data on success, to drop the  
> round-trip count.

OK, I'll consider it an example to look at (once I have the basics I  
already understand done).

>> In my current experiments Cyrus SASL doesn't appear to work when  
>> you  call sasl_client_start() with the second mechanism to try.   
>> There are  a lot of variables here, and a better-than-even chance  
>> the problem is  in my code, not the library.  Once I have  
>> something properly working  I'll revisit this issue.  I gather  
>> you're claiming that ACAP solves  this (and other) problems.  See  
>> above.
> No, sasl_client_new() is once per connection. sasl_client_start()  
> is once per authentication attempt. <sasl/sasl.h> has some useful  
> documentation, look for "Basic client model".

Saw that.  It's the only documentation I found that even partly  
covered how to try multiple mechanisms.  At least for my (lack of)  
experience, it wasn't adequate for my first attempt.  I've since  
gotten an outline from Simon W. which is more apropos.

------------------------------------------------------------------------
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu