lloyd.kauapundu at materna.de wrote:
> ...
> the users who may have access to the server. How can I do this? I
> know that there is a required attribute "requesting-user-name"; but
> this seems to be inefficient. Most IPP-clients do provide a user
> with the possibility to provide his/her name. Instead, the
> "requesting-user-name" is the name of the person who has logged on
> the computer. Are there other ways and means to implement user
> authorization and authentification?
IPP by itself doesn't do authentication - that's the province of
the HTTP protocol, which provides you with several options (Basic
and Digest authentication using usernames and passwords, certificate
schemes via TLS, kerberos, etc.)
The basic rule (and something we switched to in CUPS 1.1 once it was
decided) is that the authenticated user info takes precedence over
the requesting-user-name attribute that is passed in the request.
Soooooo, just have your HTTP server (or layer) challenge the client
to get the actual username, and use it over the requesting-user-name
attribute when you accept the print job.
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw.com
Printing Software for UNIX http://www.easysw.com