[doldaconnect.git] / doc / protocol / cmd / login.tex

\syntax{login MECH USERNAME}

\begin{reqdesc}
  Begin an authentication process. The \param{MECH} parameter should
  match one of the authentication mechanisms returned by the
  \reqref{lsauth} request. The \param{USERNAME} parameter is the name
  of the user account to authenticate against.

  Depending on the authentication mechanism, the authentication
  process may either succeed immediately, or require further
  information, which should be passed in subsequent \reqref{pass}
  requests.
\end{reqdesc}

\revision{1}
\noperm

\begin{responses}
  \response{200}
  The authentication succeeded, and the communication channel is now
  considered logged in by the daemon.
  \response{300 DATA}
  The authentication process needs more data. The \param{DATA}
  parameter contains data specific to the mechanism being carried
  out. The client should process it appropriately and send the
  response data in a \reqref{pass} request.
  \response{301 PROMPT}
  The authentication process needs data from the user,
  interactively. The \param{PROMPT} parameter should be presented to
  the user, and a string of text should be requested from the user
  without echoing it on the screen (probably a password prompt).
  \response{302 PROMPT}
  Like 301, but the data should be echoed on the screen.
  \response{303 INFO}
  The authentication mechanism wishes to present data to the user. The
  \param{INFO} parameter is a string that should be displayed to the
  user.
  \response{304 INFO}
  Like 303, but \param{INFO} should be considered an error.
  \response{503}
  This communication channel is already logged in, and therefore
  cannot start an authentication process.
  \response{504}
  The \param{USERNAME} parameter was invalid, as it could not be
  converted to the local character set of the system running the
  daemon.
  \response{505}
  A system error of some kind occurred that prevented authentication
  from proceeding. The daemon administrator should consult the logs to
  find the cause of the error.
  \response{506}
  The authentication failed. Probable reasons include incorrect
  passwords, expired Kerberos tickets, etc.
  \response{508}
  The mechanism specified in the \param{MECH} parameter is not
  supported by the daemon.
\end{responses}
Commit	Line	Data
	1	\syntax{login MECH USERNAME}
	2
	3	\begin{reqdesc}
	4	Begin an authentication process. The \param{MECH} parameter should
	5	match one of the authentication mechanisms returned by the
	6	\reqref{lsauth} request. The \param{USERNAME} parameter is the name
	7	of the user account to authenticate against.
	8
	9	Depending on the authentication mechanism, the authentication
	10	process may either succeed immediately, or require further
	11	information, which should be passed in subsequent \reqref{pass}
	12	requests.
	13	\end{reqdesc}
	14
	15	\revision{1}
	16	\noperm
	17
	18	\begin{responses}
	19	\response{200}
	20	The authentication succeeded, and the communication channel is now
	21	considered logged in by the daemon.
	22	\response{300 DATA}
	23	The authentication process needs more data. The \param{DATA}
	24	parameter contains data specific to the mechanism being carried
	25	out. The client should process it appropriately and send the
	26	response data in a \reqref{pass} request.
	27	\response{301 PROMPT}
	28	The authentication process needs data from the user,
	29	interactively. The \param{PROMPT} parameter should be presented to
	30	the user, and a string of text should be requested from the user
	31	without echoing it on the screen (probably a password prompt).
	32	\response{302 PROMPT}
	33	Like 301, but the data should be echoed on the screen.
	34	\response{303 INFO}
	35	The authentication mechanism wishes to present data to the user. The
	36	\param{INFO} parameter is a string that should be displayed to the
	37	user.
	38	\response{304 INFO}
	39	Like 303, but \param{INFO} should be considered an error.
	40	\response{503}
	41	This communication channel is already logged in, and therefore
	42	cannot start an authentication process.
	43	\response{504}
	44	The \param{USERNAME} parameter was invalid, as it could not be
	45	converted to the local character set of the system running the
	46	daemon.
	47	\response{505}
	48	A system error of some kind occurred that prevented authentication
	49	from proceeding. The daemon administrator should consult the logs to
	50	find the cause of the error.
	51	\response{506}
	52	The authentication failed. Probable reasons include incorrect
	53	passwords, expired Kerberos tickets, etc.
	54	\response{508}
	55	The mechanism specified in the \param{MECH} parameter is not
	56	supported by the daemon.
	57	\end{responses}