Hi Andreas,
authentication may failed either because the username is not valid, either because the password is not valid.
what you are saying make sense only for the case b). And to make difference between the two errors, the script function should return different error codes.
regards, bogdan
Andreas Granig wrote:
Hi,
While authorizing a user, auth_db only loads additional AVPs on success. IMO it would also make sense to load them on failure, so you could easily check if it's a known user with wrong credentials or an unknown user.
It would especially be useful for fetching the uuid of the user although authorization fails.
Any comments?
Andy
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users