I have seen some servers that returns
AUTH=LOGIN
when I request the CAPABILITY of the IMAP server e.g:
1 CAPABILITY
CAPABILITY IMAP4 IMAP4rev1 AUTH=LOGIN AUTH=PLAIN AUTH=XOAUTH2 SASL-IR UIDPLUS ID UNSELECT CHILDREN IDLE NAMESPACE LITERAL+
How can I find more information about AUTH=LOGIN
and how could I use it to login directly in the console on the server?
I tried googling it, but wasn't successful. And I would like to implement this Login format in my JAVA IMAP client.
Best Answer
LOGIN SASL mechanism is very similar to the PLAIN mechanism, but it takes two steps to authenticate:
Which, after base64 decoding translates to:
The specification says that challenges from the server should be
User Name
andPassword
, but:There is no password encryption/hashing involved so you may test both sides quite easilly, for unencrypted communication use
netcat
for encryptedopenssl s_client
oropenssl s_server
.Note that the example above lacks the used protocol necessities as this part is common to all protocols you may need (SMTP/POP3/IMAP...). The actual communication must still follow the protocol specifications:
IMAP
SMTP