Opened 3 years ago

#5313 enhancement new

Provide alternative for (and deprecate) twistd ftp --userAnonymous

Reported by: cyli Owned by:
Priority: normal Milestone:
Component: core Keywords:
Cc: Branch:
Author: Launchpad Bug:

Description

Originally part of #4752

It would be nice if --userAnonymous could also be eliminated, with the determination about whether a user is anonymous delegated to the credentials checker. However, it appears as though the server wants to return "331.2" instead of "331.1" when an anonymous login is being attempted, which requires the server to know if it is going to be an anonymous login before the "password" is sent (hence before the login is attempted).

Perhaps we can get rid of --userAnonymous.

After FTP receives the username, it can log in to the portal with UsernamePassword(username, ""). If this succeeds, the server can proceed to prompt for the "password" (ie, email address) and log it or whatever. If it fails, the server can prompt for the password and re-try login with UsernamePassword(username, password).

This would let an IUsernamePassword credentials checker decide which username corresponds to the anonymous user and return ANONYMOUS when it sees a login attempt for that username. If the realm also allows anonymous users, this would succeed with a usable avatar.

Change History (0)

Note: See TracTickets for help on using tickets.