Re: OnAfterAuth Event for TIdPOP3Server

Giganews Newsgroups
Subject: Re: OnAfterAuth Event for TIdPOP3Server
Posted by:  Remy Lebeau (TeamB) (
Date: Sat, 17 Jun 2006

"Christian Danner" <---@---.---> wrote in message

> With TidNNTPServer resp. TIdSMTPServer there exists only one
> authentication method, which results in OnAuth and OnUserLogin.
> Moreover the result of the authentication process has to be defined
> at the end of those procedures.

In the case of NNTP, the RFCs for the protocol itself only defines a few
authentication schemes, and the OnAuth event covers them all.

In the case of SMTP, only one authentication scheme is defined in the SMTP
RFCs, so it is the only one supported by TIdSMTPServer natively.  More
advanced schemes would be too complex to implement in the server directly,
so you have to implement them yourself in your own code.

> That's totally different with the TIdPOP3Server. On the one hand
> there are 2 authentication mechanisms, USER / PASS represented
> by the OnCheckUser event and APOP with OnAPOP.

Both of those are in the POP3 RFCs, so they are implemented directly in

> Besides that within OnAPOP the outcome of the check isn't known
> yet, as the hash calculation and comparison takes place afterwards.

Because the hash depends on the password that OnAPOP has to provide for the
specified user.

> So for taking special action (only) when entering transaction state
> after a successful authentication IMHO an OnAfterAuth event
> called after
>    LThread.fAuthenticated := true;
> in CommandAPOP and CommandPass is urgently needed.

What kind of actions are you wanting to perform?

> Or is there a solution I didn't realize?

You did not miss anything.




In response to

OnAfterAuth Event for TIdPOP3Server posted by Christian Danner on Sat, 17 Jun 2006