Re: Capturing Windows Login Name

Manuel Lemos wrote:
Hello,

on 02/03/2008 08:10 PM Jerry Stuckle said the following:
NTLM is a more secure authentication protocol than Basic because
passwords are never sent to the server and it saves the users from
the
annoyance of typing their user names and passwords again.

I am well aware of how it works because I implemented the SASL PHP
library, that among other protocols supports NTLM.

http://www.phpclasses.org/sasl

So what? I'm quite aware how it works, also.

It is used by HTTP, POP3, SMTP client classes to access servers of
these
protocols under Intranets that require NTLM authentication:

http://www.phpclasses.org/httpclient

http://www.phpclasses.org/pop3class

http://www.phpclasses.org/smtpclass

Gee, more of your lame classes?
I have an hard time understanding why you need to be so hostile and
depart to personal insult against a person that did nothing against
you.

I just presented examples on which NTLM authentication is used. I do
not
use Windows. I just use Linux, but I studied NTLM and other
authentication protocols in depth to add support to them by request of
the users of those classes.

It is not really relevant, but those classes are quite popular and well
rated as you may check in Freshmeat. Regardless of what you think, they
address needs of many tens of thousands of PHP developers.

And there are thousands of programmers who depend on register_globals,
short_open_tags and insecure formmail scripts. Popularity does not
indicate quality.
You conviniently ignored the fact that I said those classes are also
well rated.

So? That means nothing until you qualify the raters.

You are not reading. I mentioned the Freshmeat site. That is where I
mentioned where my packages are popular and well rated, although that is
not the only site where it happens.


Yes, I can read.


Many PHP developers know the quality of my work. I don't need to prove
it here. But coincidentaly, I was recently invited to speak in the Zend
Developer zone in one of their podcasts. It was just released and it
talks precisely about one of the classes I mentioned above.

Yep, I've heard from others about the 'quality' of your work.

Thank you for making clear that in reality you never seen or used my
classes. That makes mute whatever opinions about my work because you
cannot evaluate the quality of something you never seen or tried.


I never said I haven't seen or used any of your classes. Rather, I have said others have said the same thing about your classes. As a matter of fact, I have looked at a couple of them. Nothing I would use or recommend.


And so you were invited to talk in the Zend Developer Zone? Over the
years I've been asked to speak at many different forums. Big deal.

You are missing the point again. I am not competing with you. I am just
explaining you that I was invited to talk about my classes in Zend
Developer Zone. They do not invite people to talk about classes that you
called 'lame'.

You just called them lame because you run out of real arguments to
demonstrate your points, so you departed to offense in the hope to
minimize my reputation and the credibility of what I said.

That demonstrates that you lack of rhetorical skills and your reputation
only sinks after each offense you emit against me or anybody in this
group when you run out of arguments.


Nope. I call them lame because they are. The truth hurts, doesn't it?


http://devzone.zend.com/article/3049-PHP-Abstract-Podcast-Episode-34-Streams-Abstraction


The transcript is here:

http://www.phpclasses.org/blog/post/74-A-PHP-killer-feature--Streams-abstraction.html


Please be serious, trying to hummiliate me and minimize the quality of
my work in a public forum like this, only speaks against your
credibility and reputation. If you value your reputation and credibility
you may want to rethink what you say against others.

No, I'm not trying to humiliate you. I'm just telling you that not
everyone shares your own image of your work. And the more you defend
it, the less it must be worth.

That you do not want to value my work, it is very clear. As I mentioned
before, your opinion is irrelevant because you have not used my classes
in order to emit an opinion based on facts.

Since you run out facts to sustain your opinions, you trapped yourself
in an offensive attitude that sinks your reputation and the credibility
of what you say to anybody in this group.


I value GOOD work.

I am not merely defending my points, I am taking the opportunity that
you are giving to let me tell everybody that reads this group about my
solutions. The more you try to make me or my solutions look bad, the
more other people notice and become interested in them.


Nope, the more they will look at them and come to the same conclusions.

I know you did not intend to promote my work, but that is exactly what
it is happening. I am noticing a lot of traffic increase to the
PHPClasses site from Google groups pages and other sites that display
this group threads.


I really could care less about your work - other than you're promoting junk.

I never thought I would say this, but thank you for your involuntary
cooperation. Now I am more convinced that I should continue
demonstrating that your biased "opinions" against my classes are pointless.

The traffic increase that I am getting demonstrates that people are not
really being discouraged by your "opinions" from trying my classes, it
is exactly the opposite effect.

Thank you Jerry, in the end you are really being helpful. Lets continue
discussing more about my classes with you.


No problem. Actually, in the last day I've gotten 3 emails from other people who have written to agree with me. They just don't want to get into an argument with you here.


Anyway, if trying to insult me is your intention, nevermind, I am not
going to follow-up. If you insist with the insulting tone, rest assured
that I will leave you talking to the walls.


If the authentication succeeds, the server allows the access of
whatever
page (including PHP scripts).

This is a multi-step protocol. The user name is only passed to the
server in the last step, if the previous steps succeed.

The idea is to not make the user enter the same password again to
access
a site under the same Windows controller domain, after he has
logon on
his Windows machine account that belongs to the same Windows
domain.

But it cannot be done by any website to any computer with no
control by
the user.
I never said it could.


You intimated that any browser would pass along your logon name to any
website which requested it. And I'm saying this is NOT the case.
No, if you read me again you may notice that I explained "This is a
multi-step protocol. The user name is only passed to the server in the
last step, if the previous steps succeed."

That's correct. But you never iterated exactly what those steps are,
did you. Leaving people to assume that they can get the logon id from
any system.
That is just you jumping to conclusions about something I never said.


Nope, that's YOU leaving out very important information.

The original poster did not ask about that information specifically.
Still I did not leave out that information, I explained it when you
questioned, even though you did not read in the first time I explained it.

Anyway, it seems it is very important to you to win the arguments. So,
hereby I declare that you have won the argument, so we can get on with
our lives.

Now, you may proceed with your final statements, so you can be the last
to say anything in this thread, which also seems to be very important to
you. Go ahead, say whatever you want, I will not follow-up. I have
better things to do.



I read it. And no, you didn't explain it - not in terms someone who had to ask could understand.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@xxxxxxxxxxxxx
==================

.

Relevant Pages

  • Re: Capturing Windows Login Name
    ... I am well aware of how it works because I implemented the SASL PHP ... that among other protocols supports NTLM. ... That demonstrates that you lack of rhetorical skills and your reputation ... Since you run out facts to sustain your opinions, ...
    (comp.lang.php)
  • Re: So fn sick of viruses from just surfing the web!
    ... I purposely made statements that were purely opinions but you still ... on other hand, if you have a samba server, you might wanna have a AV ... to keep it clear so that windows clients don't get infected using your ... don't fight malware with anti-malware... ...
    (microsoft.public.windowsxp.general)
  • Re: So fn sick of viruses from just surfing the web!
    ... I purposely made statements that were purely opinions but you still ... on other hand, if you have a samba server, you might wanna have a AV ... to keep it clear so that windows clients don't get infected using ... don't fight malware with anti-malware... ...
    (microsoft.public.windowsxp.general)
  • Re: So fn sick of viruses from just surfing the web!
    ... I purposely made statements that were purely opinions but you still ... on other hand, if you have a samba server, you might wanna have a AV ... to keep it clear so that windows clients don't get infected using your ... don't fight malware with anti-malware... ...
    (microsoft.public.windowsxp.general)
  • Re: Lulu
    ... something for my reputation. ... Is that fiction or opinions? ... That sort of opinion publishing, I think, can certainly hurt. ...
    (rec.arts.sf.composition)