From: Kai Blin (no email)
Date: Fri Jan 12 2007 - 18:23:23 EST
On Friday 12 January 2007 06:41, Henry B. Hotz wrote:
> On Jan 11, 2007, at 2:03 PM, Kai Blin wrote:
> > On Thursday 11 January 2007 19:42, Henry B. Hotz wrote:
> >> Windows does have a SASL API. It's layered on top of the SSPI, and
> >> msdn documents the calls themselves. I would assume that they work,
> >> at least for email clients.
> > Are there any apps out there that use this at all? As far as I can
> > tell, SSPI
> > itself is only used by a handful of applications. The SASL api
> > seems to be
> > quite new, and used on server platforms only.
> No fair, I was asking you that!! ;-)
> Can you even tell from the doc's if it's a client or server API?
Well, it has SaslAcceptSecurityContext, which according to the docs wraps
AcceptSecurityContext, which is the function the server calls to authenticate
the client. There's also SaslInitializeSecurityContext, which is the function
the client calls to generate the auth request and to handle the auth
challenges the server sends. But in the case of forwarded credentials, a
server could call that, too.
Looking at the "Requirements", it only lists "Server: Requires Windows Server
"Longhorn", Windows Server 2003, or Windows 2000 Server."
Usually, it also lists clients there, but there's no such listing for the
Sasl* functions. If we're willing to trust MSDN in that aspect, I'd say it's
a server side api.
> As to the SSPI, I thought that IE/IIS use it.
To my knowlede, it's used by IIS and the MS Proxy server to authenticate
users, so IE uses it, too. MS Exchange uses it, so MS Outlook uses it, too.
MS SQL server uses it, as does some distributed build plugin for Visual
Studio. Those are the only use cases I know of so far, apart from a couple of
demo apps. Only the Visual Studio plugin was not written by Microsoft. I
would say that SSPI is pretty much an in-house API.
> Have you seen any email apps that use the API? That's the use I
> would expect.
MS Outlook does not use it. I'm certain on that one, as I've spent my summer
helping to get Outlook networking to work in Wine. IE doesn't use it either,
for all I know. As MSDN hints that this is a server side API, maybe one of
the server apps uses it, but I'd even doubt that.
-- Kai Blin, <blin At gmx Dot net> WorldForge developer http://www.worldforge.org/ Wine developer http://wiki.winehq.org/KaiBlin/ -- Ninjas and Pirates agree: Cowboys suck!