[Imap-protocol] example of authentication PLAIN with imap?

Bill Janssen janssen at parc.com
Fri Jan 25 19:58:07 PST 2008



> Good luck!
>
> Proper understanding of how all this works requires carefully going
> through RFC 3501 section 6.2.2, and all of RFC 4422 and RFC 4616.



From 6.2.2 of 3501:


A server challenge consists of a
command continuation request response with the "+" token followed
by a BASE64 encoded string. The client response consists of a
single line consisting of a BASE64 encoded string. If the client
wishes to cancel an authentication exchange, it issues a line
consisting of a single "*". If the server receives such a
response, it MUST reject the AUTHENTICATE command by sending a
tagged BAD response.

So I believe that a plain authentication challenge should look something
like this (for valid account with username "janssen", password "foo"):

C: 4 authenticate plain\r\n
S: +\r\n
C: AGphbnNzZW4AZm9v\r\n
S: 4 OK authenticate\r\n

D'accord?

But what I see (from Thunderbird) is

C: 4 authenticate plain\r\n
S: +\r\n
C: AGphbnNzZW4AZm9v

so my server never knows when to stop waiting for the client to send
more data...

Bill
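
An added example, not part of the original post: a server-side sketch in Python of the framing and decoding discussed above. It waits for the CRLF that ends the client's response line, then decodes the SASL PLAIN message as [authzid] NUL authcid NUL passwd (RFC 4616). The names take_line, parse_plain, AuthError and the MAX_LINE cap are assumptions of this example.

```python
import base64
import binascii

MAX_LINE = 8192  # assumed cap so an unterminated response cannot grow the buffer forever


class AuthError(Exception):
    """Malformed or cancelled AUTHENTICATE exchange (server answers with a tagged BAD/NO)."""


def take_line(buf: bytes):
    """Return (line, rest) once a CRLF-terminated line is buffered, else (None, buf)."""
    line, sep, rest = buf.partition(b"\r\n")
    if not sep:
        if len(buf) > MAX_LINE:
            raise AuthError("response line too long")
        return None, buf  # no CRLF yet: the response is not complete
    return line, rest


def parse_plain(line: bytes):
    """Decode one SASL PLAIN client response into (authzid, authcid, passwd)."""
    if line == b"*":
        raise AuthError("client cancelled the exchange")
    try:
        raw = base64.b64decode(line, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise AuthError("not valid BASE64") from exc
    parts = raw.split(b"\x00")
    if len(parts) != 3 or not parts[1] or not parts[2]:
        raise AuthError("expected [authzid] NUL authcid NUL passwd")
    try:
        authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    except UnicodeDecodeError as exc:
        raise AuthError("fields must be UTF-8") from exc
    return authzid, authcid, passwd


if __name__ == "__main__":
    # Constructed from the two traces in the post: with and without the trailing CRLF.
    for wire in (b"AGphbnNzZW4AZm9v\r\n", b"AGphbnNzZW4AZm9v"):
        line, rest = take_line(wire)
        print(wire, "->", parse_plain(line) if line is not None else "incomplete, keep reading")
```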

