X-Git-Url: http://git.dolda2000.com/gitweb/?a=blobdiff_plain;f=doc%2Fprotocol%2Fcmd%2Flogin.tex;fp=doc%2Fprotocol%2Fcmd%2Flogin.tex;h=8e11d84f2a35d4e95cedb543d1ab30a2688d8f31;hb=43c0eb2d8744a2f2d3690b723eb226dca33c0c3b;hp=0000000000000000000000000000000000000000;hpb=cf9b068afda70d24f416d86faf90a27c39e905ad;p=doldaconnect.git

diff --git a/doc/protocol/cmd/login.tex b/doc/protocol/cmd/login.tex
new file mode 100644
index 0000000..8e11d84
--- /dev/null
+++ b/doc/protocol/cmd/login.tex
@@ -0,0 +1,57 @@
+\syntax{login MECH USERNAME}
+
+\begin{reqdesc}
+  Begin an authentication process. The \param{MECH} parameter should
+  match one of the authentication mechanisms returned by the
+  \reqref{lsauth} request. The \param{USERNAME} parameter is the name
+  of the user account to authenticate against.
+
+  Depending on the authentication mechanism, the authentication
+  process may either succeed immediately, or require further
+  information, which should be passed in subsequent \reqref{pass}
+  requests.
+\end{reqdesc}
+
+\revision{1}
+\noperm
+
+\begin{responses}
+  \response{200}
+  The authentication succeeded, and the communication channel is now
+  considered logged in by the daemon.
+  \response{300 DATA}
+  The authentication process needs more data. The \param{DATA}
+  parameter contains data specific to the mechanism being carried
+  out. The client should process it appropriately and send the
+  response data in a \reqref{pass} request.
+  \response{301 PROMPT}
+  The authentication process needs data from the user,
+  interactively. The \param{PROMPT} parameter should be presented to
+  the user, and a string of text should be requested from the user
+  without echoing it on the screen (probably a password prompt).
+  \response{302 PROMPT}
+  Like 301, but the data should be echoed on the screen.
+  \response{303 INFO}
+  The authentication mechanism wishes to present data to the user. The
+  \param{INFO} parameter is a string that should be displayed to the
+  user.
+  \response{304 INFO}
+  Like 303, but \param{INFO} should be considered an error.
+  \response{503}
+  This communication channel is already logged in, and therefore
+  cannot start an authentication process.
+  \response{504}
+  The \param{USERNAME} parameter was invalid, as it could not be
+  converted to the local character set of the system running the
+  daemon.
+  \response{505}
+  A system error of some kind occurred that prevented authentication
+  from proceeding. The daemon administrator should consult the logs to
+  find the cause of the error.
+  \response{506}
+  The authentication failed. Probable reasons include incorrect
+  passwords, expired Kerberos tickets, etc.
+  \response{508}
+  The mechanism specified in the \param{MECH} parameter is not
+  supported by the daemon.
+\end{responses}