wodSmtpServer ActiveX Control - Authenticate Event
 Authenticate Event
    
 

Description

Fires when user wants to authenticate with the server.


Syntax

Private Sub object_Authenticate(User, Username, Password, AuthMethod, Action)



The Authenticate Event syntax has these parts:

Part Description
object A wodSmtpServer object.
User A SmtpUser object. Reference to the user who wants to authenticate.
Username A String value. Holds user's username/login.
Password A String value. Holds user's password.
AuthMethod A SmtpAuthentications enumeration, as described in settings. Determines authentication type selected by the user.
Action A SmtpActions enumeration, as described in settings. You shoult set it to False to reject the authentication, or set to True to allow user to proceed.

Settings

The settings for AuthMethod are:

Constant Value Description
 AuthInvalid 0 No authentication allowed.
 AuthNone 1 No authentication required.
 AuthAny 2 Any authentication is required.
 AuthLogin 4 Authentication using LOGIN type.
 AuthPlain 8 Authentication using PLAIN type.
 AuthCramMD5 16 Authentication using CRAM-MD5 type.

The settings for Action are:

Constant Value Description
 Deny 0 Deny execution of the action.
 Allow 1 Allow to execute action.
 SilentDeny 2 Silently deny execution of the action.
 SilentAllow 3 Silently allow to execute action.

Remarks

Authenticate event is fired when user tries to authenticate himself to the server. At this point you should check if provided Username and Password are valid - and set Action property to Allow or Deny, depending if his credentials are correct or not. If you setup Authentication property so it is required, user will not be able to send the message (not even to attempt to send it) unless you return Action = Allow from this event.

In authentication types (other than AuthCramMD5), Username and Password will contain plaintext username/password you need to check against ones stored in your database - so allowing access is pretty much straightforward:

Private Sub wodSmtpServer1_Authenticate(ByVal User As WODSMTPSERVERCOMLib.ISmtpUser, ByVal Username As String, ByVal Password As String, ByVal AuthMethod As WODSMTPSERVERCOMLib.SmtpAuthentications, Action As WODSMTPSERVERCOMLib.SmtpActions)
      If AuthMethod <> AuthCramMD5 Then
             If Login = "joe" And Password = "joesecretpassword" Then Action = Allow
      End If
End Sub

AuthCramMD5 authentication type never exposes secret password by the client. Client sends calculate MD5 digest value (which is stored in Password property), and you must do the same using CalcCramMD5 method. If these two results match - user supplied correct username/password.

You can use this event like this (assuming you will only allow user joe with password joesecretpassword to authenticate):

Private Sub wodSmtpServer1_Authenticate(ByVal User As WODSMTPSERVERCOMLib.ISmtpUser, ByVal Username As String, ByVal Password As String, ByVal AuthMethod As WODSMTPSERVERCOMLib.SmtpAuthentications, Action As WODSMTPSERVERCOMLib.SmtpActions)
      Select Case AuthMethod
             Case AuthLogin
             Case AuthPlain
                   If Username = "joe" And Password = "joesecretpassword" Then Action = Allow
             Case AuthCramMD5
                   If Username = "joe" And User.CalcCramMD5("joesecretpassword") = Password Then Action = Allow
      End Select
End Sub