Forum OpenACS Development: auth-imap; and external authentication specification question

I am working on an external authentication driver modules which uses an IMAP conection to authenticate a user.

This would allow to authenticate users to yet existing user bases in a very simple way.

One thing I am not sure about is, how (and if) non-implemented function have to be ... implemented:

Example:
----
RetrievePassword
Input:
    username
    parameters (array-list of key/value pairs)
Output:
    successful_p: boolean
    password (or blank, if the server sends the user its new password
        directly)
    message: To be relayed to the user
----
If "CanRetrievePassword" returns 'f' all the time, has a service contract for this function to be registered?  And if, what should it return?

This module is inspired by the way how TMDA manages authentication sources.  They can do it with POP3 too, but I have not found a POP3 module for Aolserver.

Hi Georg,

That is a great idea, to use IMAP and POP3.

I have played around with the POP3 code in the tcllib repository, found at http://tcllib.sf.net/ .  I think if you can get around the "package require" parts (or if you are using AOLserver v4.x) that might work well for you.

Thanks for the link.

As soon as I manage to get time I will implement also auth-pop3.

Yes, you do need to write the proc still, but you can just say:

return { password_status not_supported }

It should never get called, anyway, but that's the polite thing to do, in case someone chooses to write new code that invokes the service contract directly.

See the auth-ldap package for an example.

(I just changed the body of RetrievePassword from being empty to returning not_supported.)

/Lars