Re: Windows Interop

From: Kai Blin (no email)
Date: Fri Jan 12 2007 - 18:23:23 EST

  • Next message: Howard Chu: "Re: Sponsoring a canon_user plugin for LDAP lookup"

    On Friday 12 January 2007 06:41, Henry B. Hotz wrote:
    > On Jan 11, 2007, at 2:03 PM, Kai Blin wrote:
    > > On Thursday 11 January 2007 19:42, Henry B. Hotz wrote:
    > >> Windows does have a SASL API. It's layered on top of the SSPI, and
    > >> msdn documents the calls themselves. I would assume that they work,
    > >> at least for email clients.
    > >
    > > Are there any apps out there that use this at all? As far as I can
    > > tell, SSPI
    > > itself is only used by a handful of applications. The SASL api
    > > seems to be
    > > quite new, and used on server platforms only.
    > No fair, I was asking you that!! ;-)
    > Can you even tell from the doc's if it's a client or server API?

    Well, it has SaslAcceptSecurityContext, which according to the docs wraps
    AcceptSecurityContext, which is the function the server calls to authenticate
    the client. There's also SaslInitializeSecurityContext, which is the function
    the client calls to generate the auth request and to handle the auth
    challenges the server sends. But in the case of forwarded credentials, a
    server could call that, too.

    Looking at the "Requirements", it only lists "Server: Requires Windows Server
    "Longhorn", Windows Server 2003, or Windows 2000 Server."

    Usually, it also lists clients there, but there's no such listing for the
    Sasl* functions. If we're willing to trust MSDN in that aspect, I'd say it's
    a server side api.

    > As to the SSPI, I thought that IE/IIS use it.

    To my knowlede, it's used by IIS and the MS Proxy server to authenticate
    users, so IE uses it, too. MS Exchange uses it, so MS Outlook uses it, too.
    MS SQL server uses it, as does some distributed build plugin for Visual
    Studio. Those are the only use cases I know of so far, apart from a couple of
    demo apps. Only the Visual Studio plugin was not written by Microsoft. I
    would say that SSPI is pretty much an in-house API.

    > Have you seen any email apps that use the API? That's the use I
    > would expect.

    MS Outlook does not use it. I'm certain on that one, as I've spent my summer
    helping to get Outlook networking to work in Wine. IE doesn't use it either,
    for all I know. As MSDN hints that this is a server side API, maybe one of
    the server apps uses it, but I'd even doubt that.


    Kai Blin, <blin At gmx Dot net>
    WorldForge developer
    Wine developer
    Ninjas and Pirates agree: Cowboys suck!

  • Next message: Howard Chu: "Re: Sponsoring a canon_user plugin for LDAP lookup"

    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs

    Powered By FreeBSD   Powered By FreeBSD