Topic Path: Symbol Reference > Classes > TIdSASLOTP Class > TIdSASLOTP Methods > ContinueAuthenticate Method
ContentsIndexHome
PreviousUpNext
TIdSASLOTP.ContinueAuthenticate Method

Builds the client response for the SASL OTP authentication mechanism.

function ContinueAuthenticate(
    const ALastResponse: String
): String; override;
Parameters 
Description 
ALastResponse 
Server challenge with OTP extended respsonses for the SASL exchange. 

String - Client response including the OTP value.

ContinueAuthenticate is an overridden String function used to build the client response for the SASL OTP exchange. 

ContinueAuthenticate uses the values in ALastResponse and the Password from the ancestor class to generate the One-Time-Password for the SASL OTP authentication mechanism. 

ALastReponse is the SASL server challenge, and includes the OTP extended responses for the SASL authentication exchange. ContinueAuthenticate parses the values in ALastReponse to determine the hashing algorithm(s) to be used in constructing the OTP client response. 

TIdSASLOTP implements support for the following hashing algorithms: 

 

Value Description 
 

---- ----------

 

md4 Message Digest version 4 
md5 Message Digest version 5 
sha1 Secure Hashing Algorithm version 1 

 

If an unknown hash algorithm name is encountered, an EIdOTPSASLUnknownOTPMethodException is raised. 

In this situation the client could prompt for the six-word format, issue the cancel sequence as specified by the SASL profile for the protocol in use and try a different SASL mechanism, or close the connection and refuse to authenticate. As a result of this behavior, a server is restricted to one OTP hash algorithm per user. 

ContinueAuthenticate uses TIdOTPCalculator to build the OTP client response using the seed value from the server challenge, the authentication credentials (Password), and the indicated hashing algorithm. 

On success, the client response will contain the "word" extended response format. At the present time, TIdSASLOTP does not return client responses in the "hex", "init-hex", or "init-word" extended response formats.

Exceptions 
Description 
Raised when an invalid hashing algorithm is found in the server challenge. 
Copyright 1993-2006, Chad Z. Hower (aka Kudzu) and the Indy Pit Crew. All rights reserved.
Post feedback to the Indy Docs Newsgroup.