[Imap-protocol] example of authentication PLAIN with imap?

Philip Guenther guenther+imap at sendmail.com
Fri Jan 25 20:13:38 PST 2008

Previous message: [Imap-protocol] example of authentication PLAIN with imap?
Next message: [Imap-protocol] example of authentication PLAIN with imap?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 25 Jan 2008, Bill Janssen wrote:
...

> So I believe that a plain authentication challenge should look something

> like this (for valid account with username "janssen", password "foo"):

>

> C: 4 authenticate plain\r\n

> S: +\r\n

> C: AGphbnNzZW4AZm9v\r\n

> S: 4 OK authenticate\r\n

>

> D'accord?

Nope. You didn't check the syntax for a command continuation request
response. On page 84 of RFC 3501 we find:

continue-req = "+" SP (resp-text / base64) CRLF

I.e., the space after the plus-sign is mandatory, even when the base64 is
empty. So make the first server line above:
S: + \r\n

The rest of that looks correct to me.

As a side-note, the server should consider including in the tagged OK
response to AUTHENTICATE a CAPABILITY response code that lists the
capaibilities that are useful after authentication. e.g.,

S: 4 OK [CAPABILITY IMAP4rev1 IDLE MULTIAPPEND X-MOTTO] Authentication succeeded\r\n

(c.f. section 6.2.2p9 for details and when not bother)

Philip Guenther

Previous message: [Imap-protocol] example of authentication PLAIN with imap?
Next message: [Imap-protocol] example of authentication PLAIN with imap?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Imap-protocol mailing list