[Spice-devel] remote-viewer spice auth
Christophe Fergeau
cfergeau at redhat.com
Tue Oct 22 10:30:37 CEST 2013
On Sat, Oct 19, 2013 at 11:53:55AM -0400, Marc-André Lureau wrote:
> > Why? Using SASL without username is a bit limited - or do I miss something?
>
> Current SASL implementation in Spice doesn't support username.
>
> > And you can still use tickets if you check for strlen(username) == 0 ?
>
> There is noneed to ask the user a username for the current methods. He
> wouldn't do what to put there.
I don't think mandating that the username we use for SASL is the unix user
name the client runs as makes a lot of sense. Imo it would be better if we
always asked for username/password when SASL asks for it, and prefill the
username field with the local unix user name.
For what it's worth, when using vnc+sasl, we get asked for a username when
using digest-md5.
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20131022/640d6452/attachment.pgp>
More information about the Spice-devel
mailing list