[JDEV] Should registration be always initiated by the client?
Miguel A.L. Paraz
map at internet.org.ph
Tue Oct 9 11:45:17 CDT 2001
Hi,
Thanks to all who helped with my previous question on changing responses
for nonexistent users.
What I wanted to do was:
1. Client asks to login with username and password
2. Server says user does not exist
3. Client asks to registers user, automatically uses dialup password
4. Server uses RADIUS to check if password is valid, and registers if so
5. Client asks to login
6. Server accepts login
What about doing it this way:
1. Client asks to login with username and password
2. Server finds that user does not exist, checks password using RADIUS,
logs in.
Based on my limited experience, it seems that the first way is the right
way to do it, though the server has to reveal the fact that the user does
not exist. This is not done in the second way, but, we have to do
the user check, registration and login in one step which does not seem
right.
Thanks in advance!
More information about the JDev
mailing list