[NNTP] Interoperability with 502 answer to GROUP command
Russ Allbery
rra at stanford.edu
Tue May 15 10:00:10 PDT 2012
"Clive D.W. Feather" <clive at davros.org> writes:
> Julien LIE said:
>> GROUP group.auth2
>> 502 Read access denied
> No, this should be another 480. After all, in principle you could
> reauthenticate as user2.
No, you can't; see RFC 4643:
After a successful authentication, the client MUST NOT issue another
AUTHINFO command in the same session. A server MUST NOT return the
AUTHINFO capability in response to a CAPABILITIES command, and a
server MUST reject any subsequent AUTHINFO commands with a 502
response.
After you've authenticated, if you still can't read the group but the
group is not hidden, "permission denied" is the correct error code so far
as I can see.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the ietf-nntp
mailing list