ionic 跨页面传值的二种情势www.4688.com

 

 

[javascript] view
plain
 copy

本文来源http://www.cnblogs.com/dinglang/,转载请表明出处。

[javascript] view
plain
 copy

 

当从AppCtrl对应页面切换来PlaylistCtrl对应的页面时,浏览器控制台打印结果:

4)为前来查收/读取邮件的用户提供劳动(当然还蕴藏删除。移动等等操作)

[javascript] view
plain
 copy

Scene IV

The next morning in Euripides’ office. Athena knocks on the door.

Euripides: You’ve got rings under your eyes this morning.
Athena: Well, you know. Another one of those long nights.
Euripides: Have you solved the replay problem?
Athena: I think so.
Euripides: Have a seat.
  She does.
Athena: As usual, I feel compelled to restate the problem. Tickets are reusable within a limited timespan, say eight hours. If someone steals your tickets and chooses to replay them before they expire, we can’t do anything to stop them.
Euripides: That’s the problem.
Athena: We could beat the problem if we designed the tickets so they couldn’t be reusable.
Euripides: But then you would have to get a new ticket every time you wanted to use a network service.
Athena:

Right. That is a clumsy solution at best. (Pause.) Ah, how do I proceed with my argument? (She ponders for a moment.)

All right, I’m going to restate the problem again, this time in the form of a requirement. A network service must be able to prove that the person using a ticket is the same person to whom that ticket was issued.

Let me trace the authentication process again and see if I can tease out an appropriate way to illustrate my solution to this problem.

I want to use a certain network service. I access that service by starting a client program on my workstation. The client sends three things to the service machine– my name, my workstation’s network address, and the appropriate service ticket.

The ticket contains the name of the person it was issued to and the address of the workstation that person was using when he or she acquired the ticket. It also contains an expiration date in the form of a lifespan and a timestamp. All this information has been encrypted in the service’s Charon password.

Our current authentication scheme relies on the following tests:

  • Can the service decrypt the ticket?
  • Has the ticket expired?
  • Do the name and workstation address specified in the ticket match the name and address of the person who sent the ticket?

What do these tests prove? The first test proves that the ticket either did or did not come from Charon. If the ticket cannot be decrypted, it did not come from the real Charon. The real Charon would have encrypted the ticket with the service’s password. Charon and the service are the only two entities that know the service’s password. If the ticket decrypts successfully, the service knows that it came from the real Charon. This test prevents folks from building fake Charon tickets.

The second test checks the ticket’s lifespan and timestamp. If it has expired, the service rejects the ticket. This test stops people from using old tickets, tickets that perhaps were stolen.

The third test checks the ticket-user’s name and address against the name and address of the person specified in the ticket. If the test fails, the ticket-user has obtained (perhaps surreptitiously) another person’s ticket. The ticket is of course rejected.

If the names and addresses do match, what has the test proved? Nothing. Scallywags can steal tickets from the network, change their workstation addresses and usernames appropriately, and rifle other folks resources. As I pointed out yesterday, tickets can be replayed as long as they haven’t expired. They can be replayed because a service cannot determine that the person sending the ticket is actually the ticket’s legitimate owner.

The service cannot make this determination because it does not share a secret with the user. Look at it this way. If I’m on watch at Elsinore, you know, the castle in Hamlet, and you are supposed to relieve me, I’m not supposed to let you take my place unless you can provide the correct password. That’s the case where the two of us share a secret. And it’s probably a secret that someone else made up for everyone who stands on watch.

So I was thinking last night, why not have Charon make up a password for the legitimate ticket-owner to share with the service? Charon gives a copy of this session key to the service, and a copy to the user. When the service receives a ticket from a user, it can use the session key to test the user’s identity.

Euripides: Wait a second. How is Charon going to give both parties the session key?
Athena: The ticket-owner gets the session key as part of the reply from Charon. Like this:

She scrawls the following on a chalkboard:

 CHARON REPLY  -  [sessionkey|ticket]

The service’s copy of the session key comes inside the ticket, and the service gets the key when it decrypts the ticket. So the ticket looks like this:

 TICKET -  {sessionkey:username:address:servicename:lifespan:timestamp}

When you want to get to a service, the client program you start builds what I call an AUTHENTICATOR. The authenticator contains your name and your workstation’s address. The client encrypts this information with the session key, the copy of the session key you received when you requested the ticket.

  AUTHENTICATOR - {username:address} encrypted with session key

After building the authenticator, the client sends it and the ticket to the service. The service cannot decrypt the authenticator yet because it doesn’t have the session key. That key is in the ticket, so the service first decrypts the ticket.

After decrypting the ticket, the service ends up with the the following information:

  • The ticket’s lifespan and timestamp;
  • The ticket-owner’s name;
  • The ticket-owner’s network address;
  • The session key.

The service checks to see if the ticket has expired. If all is well in that regard, the service next uses the session key to decrypt the authenticator. If the decryption proceeds without a hitch, the service ends up with a username and a network address. The service tests this information against the name and address found in the ticket, AND the name and address of the person who sent the ticket and authenticator. If everything matches, the service has determined that the ticket-sender is indeed the ticket’s real owner.

Athena pauses, clears her throat, drinks some coffee.

I think the session key-authenticator business takes care of the replay problem.

Euripides: Maybe. But I wonder . . . To break this version of the system, I must have the proper authenticator for the service.
Athena: No. You must have the authenticator AND the ticket for the service. The authenticator is worthless without the ticket because the service cannot decrypt the authenticator without first having the appropriate session key, and the service cannnot get the appropriate session key without first decrypting the ticket.
Euripides: Okay, I understand that, but didn’t you say that when a client program contacts the server, it sends the ticket and matching authenticator together?
Athena: Yes, I guess I said that.
Euripides: If that’s what actually happens, what prevents me from stealing the ticket and authenticator at the same time? I’m sure I could write a program to do the job. If I’ve got the ticket and its authenticator, I believe I can use the two as long as the ticket has not expired. I just have to change my workstation address and username appropriately. True?
Athena: (Biting her lip) True. How dispiriting.
Euripides: Wait, wait, wait! This isn’t such a big deal. Tickets are reusable as long as they haven’t expired, but that doesn’t mean that authenticators have to be reusable. Suppose we design the system so that authenticators can only be used once. Does that buy us anything?
Athena:

Well, it might. Let’s see, the client program builds the authenticator, then sends it with the ticket to the service. You copy both ticket and authenticator as they move from my workstation to the server. But the ticket and authenticator arrive at the server before you can send your copies. If the authenticator can only be used once, your copy of it is no good, and you lose when you attempt to replay your ticket and authenticator.

Well, that’s a relief. So all we have to do is invent a way to make the authenticator a one-time usable thing.

Euripides:

No problem. Let’s just put a lifespan and timestamp on them. Suppose each authenticator has a lifespan of a couple of minutes. When you want to use a service, your client program builds the authenticator, stamps it with the current time, then sends it and the ticket to the server.

The server receives the ticket and authenticator and goes about its business. When the server decrypts the authenticator, it checks the authenticator’s lifespan and timestamp. If the authenticator hasn’t expired, and everything else checks properly, the server considers you authenticated.

Suppose I copied the athenticator and ticket as they crossed the network. I have to change my workstation’s network address and my username, and I have to do this all in a couple of minutes. That’s a pretty tall order. In fact I don’t think it’s possible. Unless . . .

Well, here’s a potential problem. Suppose that instead of copying the ticket and authenticator as they travel from your workstation to the server, I copy original ticket packet that comes from Charon, the packet you receive when you ask Charon to give you a ticket.

This packet, as I recall, has two copies of the session key in it: one for you and one for the service. The one for the service is hidden in the ticket and I can’t get to it, but what about the other one, the one you use to build authenticators?

If I can get that copy of the session key, I can build my own authenticators, and if I can build my own authenticators, I can break the system.

Athena:

That’s something I thought about last night, but then I traced the process of acquiring tickets and found that it wasn’t possible to steal authenticators that way.

You sit down at a workstation and use the kinit program to get your ticket-granting ticket. Kinit asks for your username, and after you enter it,kinit forwards the name to Charon.

Charon uses your name to look up your password, then proceeds to build a ticket-granting ticket for you. As part of this process, Charon creates a session key that you will share with the ticket-granting service. Charon puts a copy of the session key in the ticket-granting ticket, and puts your copy in the the ticket packet that you are about to receive. But before it sends you this packet, Charon encrypts the whole thing with your password.

Charon sends the packet across the network. Someone can copy the packet as it goes by, but they can’t do anything with it because it has been encrypted with your password. Specifically, no one can steal the ticket-granting session key.

Kinit receives the ticket packet and prompts you for a password, which you enter. If you enter the correct password, kinit can decrypt the packet and give you your copy of the session key.

Now that you’ve taken care of the kinit business, you want to get your mail. You start the mail client program. This program looks for a mail service ticket and doesn’t find one (after all, you haven’t tried to get your mail yet). The client must use the ticket-granting ticket to ask the ticket-granting service for a mail service ticket.

The client builds an authenticator for the ticket-granting transaction and encrypts the authenticator with your copy of the ticket-granting session key. The client then sends Charon the authenticator, the ticket-granting ticket, your name, your workstation’s address, and the name of the mail service.

The ticket-granting service receives this stuff and runs through the authentication checks. If everything checks properly, the ticket-granting service ends up with a copy of the session key that it shares with you. Now the ticket-granting service builds you a mail service ticket, and during this process, creates a new session key for you to share with the mail service.

The ticket-granting service now prepares a ticket packet to send back to your workstation. The packet contains the ticket and your copy of the mail service session key. But before it sends the packet, the ticket-granting service encrypts the packet with its copy of the TICKET-GRANTING session key. That done, the packet is sent on its way.

So here comes the mail service ticket packet, loping across the network. Suppose some network ogre copies it as it goes by. The ogre is out of luck because the packet is encrypted with the ticket-granting session key; you and the ticket-granting service are the only entities that know this key. Since the ogre cannot decrypt the mail ticket packet, the ogre cannot discover the MAIL SESSION KEY. Without this session key, the ogre cannot use any of the mail service tickets you might subsequently send across the network.

So I think we’re safe. What do you think?

Euripides: Perhaps.
Athena: Perhaps! Is that all you can say!
Euripides: (laughing) Don’t get upset. You should know my ways by now. I guess it is mean of me, and you up half the night.
Athena: Pthhhhh!
Euripides: All right, three-quarters of the night. Actually, the system is beginning to sound acceptible. This session key business solves a problem that I thought of last night: the problem of mutual authentication.
  Pause.
  Mind if I talk for a minute?
Athena: (A trifle coldly) Be my guest.
Euripides:

You are so kind. (Euripides clears his throat.) Last night, while visions of session keys and authenticators danced in your head, I was trying to find new problems with the system, and I found one that I thought was pretty serious. I’ll illustrate it by way of the following scenario.

Suppose you are sick of your current job and have determined that it is in your best interest to move on. You want to print your resume on the company’s wizz-bang laser printer so that headhunters and potential employers can take note of your classiness.

So you enter the printing command, and direct it to send the resume to the appropriate print server. The command gets the proper service ticket, if you don’t already have it, then sends the ticket in your name to the appropriate print server. At least that’s where you think it’s headed. You don’t in fact know that the request is headed for the right print server.

Suppose that some unscrupulous hacker–say it’s your boss–has screwed system around so that he redirects your request and its ticket to the print server in his office. His print service program doesn’t care about the ticket or its contents. It throws away the ticket and sends a message to your workstation indicating that the ticket passed muster, and that the server is ready and willing to print your job. The printing command sends the job to the fraudulant print server and the enemy ends up with your resume.

I’ll state the problem by way of contrast. Without session keys and authenticators, Charon can protect its servers from false users, but it cannot protect its users from false servers. The system needs a way for client programs to authenticate the server before sending sensitive information to the service. The system must allow for mutual authentication.

But the session key solves this problem as long as you design your client programs properly. Back to the print server scenario. I want a print client program that makes sure the service it’s sending jobs to is the legitimate service.

Here’s what such a program does. I enter the printing command and give it a filename, the name of my resume. Assume that I have a print service ticket and session key. The client program uses the session key to build an authenticator, then sends the authenticator and ticket to the "supposed" print server. The client DOES NOT send the resume yet; it waits for a response from the service.

The real service receives the ticket and authenticator, decrypts the ticket and extracts the session key, then uses the session key to decrypt the authenticator. This done, the service runs all the appropriate authentication tests.

Assume the tests confirm my identity. Now the server prepares a reply packet so that it can prove its identity to the client program. It uses its copy of the session key to encrypt the reply packet, then sends the packet to the waiting client.

The client receives the packet and attempts to decrypt it with my copy of the session key. If the packet decrypts properly and yields the correct server response message, my client program knows that the server that encrypted the packet is the real server. Now the client sends the resume job to the print service.

Suppose my boss screwed around the system so that his print server poses as the one I want. My client sends the authenticator and ticket to the "print service" and waits for a response. The fake print service cannot generate the correct response because it cannot decrypt the ticket and get the session key. My client will not send the job unless it receives the correct response. Eventually the client gives up waiting and exits. My print job does not get completed, but at least my resume did not end up on the desk of the enemy.

You know, I think we have a solid basis on which to implement the Charon Authentication System.

Athena: Perhaps. Anyway, I don’t like the name "Charon."
Euripides: You don’t? Since when?
Athena: I’ve never liked it, because the name doesn’t make sense. I was talking to my Uncle Hades about it the other day, and he suggested another name, the name of his three-headed watch dog.
Euripides: Oh, you mean "Cerberus."
Athena: Bite your tongue Rip! "Cerberus" indeed . . .
Euripides: Er, isn’t that the name?
Athena: Yeah, if you happen to be a Roman! I’m a Greek goddess, he’s a Greek watch dog, and his name is "Kerberos," "Kerberos" with a K.
Euripides: Okay, okay, don’t throw thunderbolts. I’ll buy the name. Actually, it has a nice ring to it. Adios Charon and hello to Kerberos.

 

在Internet上要想提供电子邮件的功效,必须要有特另外电子邮件服务器。国内相比著名的就是“四大门户”的邮箱,国外的概括Gmail、Yahoo等。这一个都是面向五十铃的,而且大多数免费提供的。大多数的店家,也都兼备友好的商号邮件服务器,提供内部拔取,或者普通工作中对外使用。

  1. .controller(‘AppCtrl’, function ($scope, $ionicModal, $timeout, $cacheFactory) {  
  2.   
  3.   var user = {name: ‘jax’, age: 18, sex: ‘男’};  
  4.   var user_cache = $cacheFactory(“user_cache”);  //表明一个user_cache缓存对象    
  5.   user_cache.put(“lol”,user);    //放入缓存对象  
S: 220 smtp.server.com Simple Mail Transfer Service Ready
C: EHLO client.example.com
S: 250-smtp.server.com Hello client.example.com
S: 250-SIZE 1000000
S: 250 AUTH LOGIN PLAIN CRAM-MD5
C: AUTH PLAIN dGVzdAB0ZXN0ADEyMzQ= *
S: 235 2.7.0 Authentication successful
  1. angular.module(‘starter.controllers’, [])  
  2.   .service(‘dataService’,function () {  
  3.       var data=”I come from service”;  //定义变量  
  4.     return{  
  5.       getData:function () {  
  6.         return data;  
  7.       }  
  8.     }  
  9.   })  

电子邮件的传输过程,详细讯息如图:

 

3)接受其他邮件服务器转发过来的点邮件,并存入到为其领导所分配的空中中 

键值对存储,用法也是异常简单,下面给出了常用的api,

友谊指示:本文不打算讲解怎样安排一台邮件服务器,因为这是网络管理员/系统管理员应该控制的内容。市面上的邮件服务器软件繁多,在不同的服务器系统上也有多种贯彻。微软的Exchange
Server , Apache James
那些都是相比流行的

概念变量data

1)用户递交包裹给布里斯班的邮局,蒙得维的亚的邮局接受到包裹,再把包裹转发给了奥兰多的邮局。这事实上易经完成了三回邮寄过程,使用的都是SMTP协议。

  1. .state(‘app.single’, {  
  2.     url: ‘/playlists/:playlistId’,  //配置多少个参数用:a/:b/:c  
  3.     views: {  
  4.       ‘menuContent’: {  
  5.         templateUrl: ‘templates/playlist.html’,  
  6.         controller: ‘PlaylistCtrl’  
  7.       }  
  8.     }  

  *) The AUTH PLAIN command and the
username and the password are sent to the server in one single line.
 
  
AUTH LOGIN The LOGIN mechanism is
another common method to login to an SMTP server. The SMTP communication
example below shows how AUTH LOGIN can be used to make an
authenticated login to an server:
 

[html] view
plain
 copy

1)接受用户投递过来的邮件 

 

请记住,邮局不会像快递那样主动送货的,必须是用户积极去邮局询问并取包裹。所谓协议,其实可以了然为一种标准,一种特定的“通话语言”。

 

  After the client has sent
the AUTH PLAIN command to the server, the server responds with a 334
reply code. Then the username and password are sent from the client to
the server. The username and password are combined to one string and
BASE64 encoded (“dGVzdAB0ZXN0ADEyMzQ=” in the example above). Although
the keyword PLAIN is used, the username and password are not sent as
plain text over the Internet – they are always BASE64 encoded. If you
want to read more about BASE64 encoding, you can open this Internet
page
.
 
It is also
possible to send the username and password, together with the AUTH PLAIN
command, as a single line. Then the whole login process can be handled
this easy:
 

[javascript] view
plain
 copy

Scene II

Euripides’ office, the next morning. Euripides sits at his desk,
reading his mail. Athena knocks on the door.

Athena: Well I’ve figured out how to secure an open network environment so that unscrupulous folks like you cannot use network services in other people’s names.
Euripides: Is that so? Have a seat.
  She does.
Athena: Before I describe it, can I lay down one ground rule about this discussion?
Euripides: What’s your rule?
Athena:

Well suppose I say something like the following: "I want my electronic mail, so I contact the mail server and ask it to send the mail to my workstation." In reality I’m not the entity that contacts the mail server. I’m using a program to contact the mail server and retrieve my mail, a program that is a CLIENT of the mail service program.

But I don’t want to say "the client does such-and-such" every time I refer to a transaction between the user and a network server. I’d just as soon say "I do such-and-such," keeping in mind of course that a client program is doing things on my behalf. Is that okay with you?

Euripides: Sure. No problem.
Athena: Good. All right, I’ll begin by stating the problem I have solved. In an open network environment, machines that provide services must be able to confirm the identities of people who request service. If I contact the mail server and ask for my mail, the service program must be able to verify that I am who I claim to be, right?
Euripides: Right.
Athena: You could solve the problem clumsily by requiring the mail server to ask for a password before I could use it. I prove who I am to the server by giving it my password.
Euripides: That’s clumsy all right. In a system like that, every server has to know your password. If the network has one thousand users, each server has to know one thousand passwords. If you want to change your password, you have to contact all servers and notify them of the change. I take it your system isn’t this stupid.
Athena: My system isn’t stupid. It works like this: Not only do people have passwords, services have passwords too. Each user knows her or his password, each service program knows its password, and there’s an AUTHENTICATION SERVICE that knows ALL passwords–each user’s password, and each service’s password. The authentication service stores the passwords in a single, centralized database.
Euripides: Do you have a name for this authentication service?
Athena: I haven’t thought of one yet. Do you have any ideas?
Euripides: What’s the name of that fellow who ferries the dead across the River Styx?
Athena: Charon?
Euripides: Yeah, that’s him. He won’t take you across the river unless you can prove your identity.
Athena: There you go Rip, trying to rewrite Greek mythology again. Charon doesn’t care about your identity. He just wants to make sure that you’re dead.
Euripides: Have you got a better name?
  Pause.
Athena: No, not really.
Euripides: Then let’s call the authentication service "Charon."
Athena:

Okay. I guess I should describe the system, huh?

Let’s say you want to use a service, the mail service. In my system you cannot use a service unless, ah, Charon tells the service that you are who you claim to be. And you can’t get the okay to use a service unless you have authenticated yourself to Charon. When you request authentication from Charon, you have to tell Charon the service for which you want the okay. If you want to use the mail server, you’ve got to tell Charon.

Charon asks you to prove your identity. You do so by providing your secret password. Charon takes your password and compares it to the one that is registered for you in the Charon database. If the two passwords match, Charon considers your identity proven.

Charon now has to convince the mail server that you are who you say you are. Since Charon knows all service passwords, it knows the mail service’s password. It’s conceivable that Charon could give you the password, which you could forward to the mail service as proof that you have authenticated yourself to Charon.

The problem is, Charon cannot give you the password directly, because then you would know it. The next time you wanted mail, you could circumvent Charon and use the mail server without correctly identifying yourself. You could even pretend to be someone else, and use the mail server in that other person’s name.

So instead of giving you the mail server’s password, Charon gives you a mail service TICKET. This ticket contains a version of your username that has been ENCRYPTED USING the MAIL SERVER’S PASSWORD.

Ticket in hand, you can now ask the mail service for your mail. You make your request by telling the mail server who you are, and furnishing the ticket that proves you are who you say you are.

The server uses its password to decrypt the ticket, and if the ticket decrypts properly, the server ends up with the username that Charon placed in the ticket.

The service compares this name with the name you sent along with the ticket. If the names match, the mail server considers your identity proven and proceeds to give you your mail.

What do you think of those apples?

Euripides: I’ve got some questions.
Athena: I figured. Well go ahead.
Euripides: When a service program decrypts a ticket, how does it know that it has decrypted the ticket properly?
Athena: I don’t know.
Euripides: Maybe you should include the service’s name in the ticket. That way when a service decrypts a ticket, it can gauge its success on whether or not it can find its name in the decrypted ticket.
Athena:

That sounds good to me. So the ticket looks something like this:

(She scrawls the following on a pad of paper:)

   TICKET -  {username:servicename}
Euripides: So the service ticket contains just your username and the servicename?
Athena: Encrypted with the service’s password.
Euripides: I don’t think that’s enough information to make the ticket secure.
Athena: What do you mean?
Euripides: Let’s suppose you ask Charon for a mail server ticket. Charon prepares that ticket so that it has your username "tina" in it. Suppose I copy that ticket as it wizzes by on its way across the network from Charon to you. Suppose I convince my insecure workstation that my username is "tina." The mail client program on my workstation thinks I am you. In your name, the program forwards the stolen ticket to the mail server. The server decrypts the ticket and sees that it is valid. The username in the ticket matches the name of the user who sent the ticket. The mail server gives me your mail . . .
Athena: Oh! Well that’s not so good.
Euripides:

But I think I know a way to fix this problem. Or to at least provide a partial fix to it. I think Charon should include more information in the service tickets it produces. In addition to the username, the ticket should also include the NETWORK ADDRESS from which the user asked Charon for the ticket. That gives you an additional level of security.

I’ll illustrate. Suppose I steal your mail ticket now. The ticket has your workstation’s network address in it, and this address does not match my workstation’s address. In your name I forward the purloined ticket to the mail server. The server program extracts the username and network address from the ticket and attempts to match that information against the username and network address of the entity that sent the ticket. The username matches, but the network address does not. The server rejects the ticket because obviously it was stolen.

Athena: Bravo, bravo! I wish I had thought of that.
Euripides: Well that’s what I’m around for.
Athena:

So the revised ticket design looks like this:

She scrawls the following on a chalkboard:

  TICKET -   {username:ws_address:servicename}
Athena: Now I’m really excited. Let’s build a Charon system and see if it works!
Euripides: Not so fast. I have some other questions about your system.
Athena: All right. (Athena leans forward in her chair) Shoot.
Euripides: Sounds like I’ve got to get a new ticket every time I want to use a service. If I’m putting in a full day’s work, I’ll probably want to get my mail more than once. Do I have to get a new ticket every time I want to get my mail? If that’s true, I don’t like your system.
Athena: Ah . . . Well I don’t see why tickets can’t be reusable. If you get a ticket for the mail server, you ought to be able to use it again and again. For instance, when the mail client program makes a request for service in your name, it forwards a COPY of the ticket to the mail server.
Euripides: That’s better. But I still have problems. You seem to imply that I have to give Charon my password every time I want to use a service for which I don’t have a ticket. I login and want to access my files. I fire off a request to Charon for the proper ticket and this means that I’ve had to use my password. Then I want to read my mail. Another request to Charon, I have to enter my password again. Now suppose I want to send one of my mail messages to the print server. Another Charon request and, well you get the picture.
Athena: Uh, yeah, I do.
Euripides: And if that weren’t bad enough, consider this: it sounds like when you authenticate yourself to Charon, you send your secret password over the network in cleartext. Clever people like yours truly can monitor the network and steal copies of people’s passwords. If I’ve got your password, I can use any service in your name. Athena sighs.
Athena: These are serious problems. Guess I need to go back to the drawing board.

 

而用户必须主动请求邮件服务器,才能赢拿到属于用户自己的邮件音信。那多少个历程中,才使用的是POP3。

  1. <ion-item  href=”#/app/playlists/{{playlist.id}}”>  //playlists.html页面  

至于MD5和KeyedMD5的程序代码可以在分另外RFC中找到,在VC下需要改善多少个编译错误。

 

S: 220 smtp.server.com Simple Mail Transfer Service Ready
C: EHLO client.example.com
S: 250-smtp.server.com Hello client.example.com
S: 250-SIZE 1000000
S: 250 AUTH LOGIN PLAIN CRAM-MD5
C: AUTH LOGIN
S: 334 VXNlcm5hbWU6
C: adlxdkej
S: 334 UGFzc3dvcmQ6
C: lkujsefxlj
S: 235 2.7.0 Authentication successful

2、使用url传参

 

在controller中取出变量

 

在controller中取出变量

 

[javascript] view
plain
 copy

http://web.mit.edu/kerberos Kerberos MIT主页
http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html FAQ
http://web.mit.edu/kerberos/www/dialogue.html
几个人对话情势的上课,曾被译成中文没看懂,英文的看懂了 [lol]

 

 

内需留意的是必须在app.js路由中布局接受这些参数

Afterword

The dialogue was written in 1988 to help its readers understand the
fundamental reasons for why the Kerberos V4 protocol was the way it was.
Over the years, it has served this job very well.

When I converted this document to HTML, I was amazed how much of this
document was still applicable for the Kerberos V5 protocol. Although
many things were changed, the basic core ideas of the protocol have
remained the same. Indeed, there are only two changes where Kerberos V5
differs from description of the “Kerberos” protocol in this dialoge.

The first change was born out of the recognition that using a small five
minute time skew wasn’t necessarily sufficient to prevent replay attacks
from an attacker who used a program to automatically grab the ticket and
the authenticator as they traversed the network, and then immediately
resent them to launch a replay attack.

In Kerberos V5, authenticators are made to be truly “once-only” by
having servers which accept tickets to have a “replay cache” which keeps
note of authenticators have been presented to the server recently. If an
attacker tries to snatch an authenticator and reuse it, even during the
five-minute acceptance window, the replay cache will be able to
determine that the authenticator has already been presented to the
server.

The second major change to the protocol is that the ticket is no longer
encrypted in the user’s password when it is sent from the Kerberos
server to kinit during the initial ticket exchange. The
ticket is already encrypted in the ticket granting server’s secret key;
furthermore when it is actually used to obtain other tickets, it gets
sent in the network in the clear anyway. Hence, there is no reason why
the ticket should be encrypted again in the user’s password. (The rest
of the Kerberos server’s reply to the user, containing for example the
user’s copy of the ticket session key, is still encrypted in the user’s
password, of course.)

A similar change was also made to the ticket granting service (TGS)
protocol; tickets returned by TGS are also no longer encrypted by the
ticket-granting ticket’s service key, since application tickets are
already encrypted by the application server’s secret key. So for
example, the packet that in Kerberos V4 which would have looked like
this:

   KDC_REPLY = {TICKET, client, server, K_session}K_user

where “{X}K_Y” is read “X encrypted using key K_Y” and

   TICKET = {client, server, start_time, lifetime, K_session}K_server

In
Kerberos V5, the KDC_REPLY now would look like
this:

  KDC_REPLY = TICKET, {client, server, K_session}K_user

 

Of course, there are many new features in Kerberos V5 as well. Users can
now securely forward their tickets so that they can be used at another
network location; in addition, users may also delagate a subset of their
authorization rights to a server, so that the server can act as a proxy
on behalf of a user. Other new features include the ability to replace
DES with a more secure cryptographic algorithm, such as triple-DES.
Readers who are interested in more of the changes between Kerberos V4
and V5 are invited to read The
Evolution of the Kerberos Authentication
System
, which
was authored by Cliff
Neumann
 and Theodore
Ts’o
.

I hope you’ve enjoyed this quick little introduction to the Kerberos
protocol. I wish you well in your futher explorations!

Theodore Ts’o, February 1997.


Permission to use, copy, modify, and distribute this documentation for
any purpose and without fee is hereby granted, provided that the above
copyright notice appear in all copies and that both that copyright
notice and this permission notice appear in supporting documentation,
and that the name of M.I.T. not be used in advertising or publicity
pertaining to distribution of the documentation without specific,
written prior permission. M.I.T. makes no representations about the
suitability of this documentation for any purpose. It is provided “as
is” without express or implied warranty.

For comments/suggestions about this page, mail: tytso@mit.edu

http://web.mit.edu/kerberos/www/dialogue.html

 

 

key//取key所对应的值

如图所示:

 

Abstract

This dialogue provides a fictitious account of the design of an
open-network authentication system called “Charon.” As the dialogue
progresses, the characters Athena and Euripides discover the problems
of security inherent in an open network environment. Each problem must
be addressed in the design of Charon, and the design evolves
accordingly. Athena and Euripides don’t complete their work until the
dialogue’s close.

When they finish designing the system, Athena changes the system’s
name to “Kerberos,” the name,
coincidentally enough, of the authentication system that was designed
and implemented at MIT’s Project Athena. The dialogue’s “Kerberos”
system bears a striking resemblence to the system described
inKerberos: An Authentication Service for Open Network
Systems
class=”Apple-converted-space”> presented at the Winter USENIX 1988, at
Dallas, Texas.

www.4688.com 1

http://blog.sina.com.cn/s/blog\_53d379960100vikw.html

1、使用AngularJS自带的$cacheFactory服务

先是要明白这个“是懂非懂”的定义,才能更好的通晓。

 

他日将会向我们详细讲解,在.NET平德雷斯顿发送邮件的二种情况和兑现形式(包括:群发的命中问题、垃圾箱的题目、乱码问题、html邮件、文本邮件、选.NET自带
Or 使用邮件群发组件? 等等)。

clear//清除记录

S: 220 smtp.server.com Simple Mail Transfer Service Ready
C: EHLO client.example.com
S: 250-smtp.server.com Hello client.example.com
S: 250-SIZE 1000000
S: 250 AUTH LOGIN PLAIN CRAM-MD5
C: AUTH CRAM-MD5
S: 334 PDQxOTI5NDIzNDEuMTI4Mjg0NzJAc291cmNlZm91ci5hbmRyZXcuY211LmVkdT4=  [1]
C: cmpzMyBlYzNhNTlmZWQzOTVhYmExZWM2MzY3YzRmNGI0MWFjMA==  [2]
S: 235 2.7.0 Authentication successful

 

前言

概念变量data

2)而邮局经常不会再接再厉送货给用户的,也不主动打招呼你(除了近日几年流行的EMS外)。所以,用户只可以积极跑到邮局去,询问邮局的工作人士。

  1. <ion-item  href=”#/app/playlists/{{playlist.id}}”>  //playlists.html页面  

 

  1. angular.module(‘starter.controllers’, [])  
  2.   .service(‘dataService’,function () {  
  3.       var data=”I come from service”;  //定义变量  
  4.     return{  
  5.       getData:function () {  
  6.         return data;  
  7.       }  
  8.     }  
  9.   })  

2.Sina的邮件服务器收到Dylan的邮件后,依据地点音讯,又转发给了QQ的邮件服务器,这两台邮件服务器的收发,使用的都是SMTP协议。

[javascript] view
plain
 copy

 

 

Keyed-MD5的总结公式为:
MD5 ( (tanstaaftanstaaf XOR opad),MD5((tanstaaftanstaaf XOR ipad),
<1896.697170952@postoffice.reston.mci.net>) ),其中

 

  After that the AUTH LOGIN
command has been sent to the server, the server asks for username and
password by sending BASE64 encoded text (questions) to the client.
“VXNlcm5hbWU6” is the BASE64 encoded text for the word “Username” and
“UGFzc3dvcmQ6” is the BASE64 encoded text for the word “Password” in the
example above. The client sends username and password also using BASE64
encoding. “adlxdkej”, in the example above, is a BASE64 encoded username
and “lkujsefxlj” is a BASE64 encoded password. 
 
  
AUTH CRAM-MD5 One
drawback using the PLAIN and LOGIN authentication mechanisms is that the
username and password can be decoded quite easy if somebody monitor the
SMTP communication. To obtain higher security an authentication
mechanism with the name CRAM-MD5 can be used instead. CRAM-MD5
combines a challenge-response authentication mechanism to exchange
information and a cryptographic Message Digest 5 algorithm to encrypt
important information.
 
The example
below shows how AUTH CRAM-MD5 can be used to login to an SMTP
server:
 

内需注意的是必须在app.js路由中布局接受这个参数

2.电子邮箱

 

www.4688.com 2

 

Scene III

The next morning, Athena catches Euripides at the coffee area. She taps
him on the shoulder as he fills his cup.

The two head for the coffee machine.

Athena: I’ve got a new version of Charon that solves our problems.
Euripides: Really? That was quick.
Athena: Well, you know, problems of this nature keep me up all night.
Euripides: Must be your guilty conscience. Shall we repair to yon small conference room?
Athena: Why not?
  The two move to the small conference room.
Athena: I’ll begin by stating the problems again, but I’ll invert them so that they become requirements of the system.
  Athena clears her throat.
Athena: The first requirement: Users only have to enter their passwords once, at the beginning of their workstation sessions. This requirement implies that you shouldn’t have to enter your password every time you need a new service ticket. The second requirement: passwords should not be sent over the network in clear text.
Euripides: Okay.
Athena:

I’ll start with the first requirement: you should only have to use your password once. I’ve met this requirement by inventing a new network service. It’s called the "ticket-granting" service, a service that issues Charon tickets to users who have already proven their identity to Charon. You can use this ticket-granting service if you have a ticket for it, a ticket-granting ticket.

The ticket-granting service is really just a version of Charon in as much as it has access to the Charon database. It’s a part of Charon that lets you authenticate yourself with a ticket instead of a password.

Anyhow, the authentication system now works as follows: you login to a workstation and use a program called kinit to contact the Charon server. You prove your identity to Charon, and the kinit program gets you a ticket-granting ticket.

Now say you want to get your mail from the mail server. You don’t have a mail server ticket yet, so you use the "ticket-granting" ticket to get the mail server ticket for you. You don’t have to use your password to get the new ticket.

Euripides: Do I have to get a new "ticket-granting" ticket every time I need to get to another network service?.
Athena: No. Remember, we agreed last time that tickets can be reused. Once you have acquired a ticket-granting ticket, you don’t need to get another. You use the ticket-granting ticket to get the other tickets you need.
Euripides: Okay, that makes sense. And since you can reuse tickets, once the ticket-granting service has given you a ticket for a particular service, you don’t need to get that particular ticket again.
Athena: Yeah, isn’t that elegant?
Euripides: Okay, I buy it so far . . . As long as you didn’t have to send your password in cleartext over the network when you got the ticket-granting ticket.
Athena:

Like I said, I’ve solved that problem as well. The thing is, when I say you have to contact Charon to get the ticket-granting ticket, I make it sound as though you have to send your password in cleartext over the network to the Charon Server. But it doesn’t have to be that way.

Here’s really what happens. When you use the kinit program to get the ticket-granting ticket, kinit doesn’t send your password to the Charon server,kinit sends only your username.

Euripides: Fine.
Athena:

Charon uses the username to look up your password. Next Charon builds a packet of data that contains the ticket-granting ticket. Before it sends you the packet, Charon uses your password to encrypt the packet’s contents.

Your workstation receives the ticket packet. You enter your password. Kinit attempts to decrypt the ticket with the password you entered. If kinitsucceeds, you have successfully authenticated yourself to Charon. You now possess a ticket-granting ticket, and that ticket can get you the other tickets you require.

How’s that for some fancy thinking?

Euripides: I don’t know . . . I’m trying to think myself. You know, I think the parts of the system that you just described work pretty well. Your system requires me to authenticate myself only once. Thereafter Charon can issue me service tickets without my being aware of it. Seamless, seamless in that regard. But there’s something about the design of the service ticket that troubles me somehow. It has to do with the fact that tickets are reusable. Now I agree that they have to be reusable, but reusable tickets are, by their nature, very dangerous.
Athena: What do you mean?
Euripides:

Look at it this way. Suppose you are using an insecure workstation. In the course of your login session you acquire a mail service ticket, a printing service ticket, and a file service ticket. Suppose you inadvertantly leave these tickets on the workstation when you logout.

Now suppose I login to the workstation and find those tickets. I’m feeling like causing trouble, so I make the workstation think that I am you. Since the tickets are made out in your name, I can use the mail client program to access your mail, I can use the file service client to access and remove your files, and I can use the printing command to run up huge bills on your account. All because these tickets have been accidentally left lying around.

And nothing can keep me from copying these tickets to a place of my own. I can continue to use them for all eternity.

Athena:

But that’s an easy fix. We just write a program that destroys a user’s tickets after each login session. You can’t use tickets that have been destroyed.

Euripides:

Well obviously your system must have a ticket-destroying program, but it’s foolish to make users rely on such a thing. You can’t count on users to remember to destroy their tickets every time they finish a workstation session. And even if you rely upon your users to destroy their tickets, consider the following scenario.

I’ve got a program that watches the network and copies service tickets as they zip accross the network. Suppose I feel like victimizing you. I wait for you to begin a workstation session, I turn on my program and copy a bunch of your tickets.

I wait for you to finish your session, and eventually you logout and leave. I fiddle with my workstation’s network software and change its address so that it matches the address of the workstation you were using when you acquired the tickets I copied. I make my workstation believe that I am you. I have your tickets, your username, and the correct network address. I can REPLAY these tickets and use services in your name.

It doesn’t matter that you destroyed your tickets before you ended your workstation session. The tickets I have stolen are valid for as long as I care to use them, because your current ticket design does not place a limit on the number of times you can reuse a ticket, or on how long a ticket remains valid.

Athena: Oh I see what you’re saying! Tickets can’t be valid forever because they would then constitute a huge security risk. We have to restrict the length of time for which a ticket can be used, perhaps give each ticket some kind of expiration date.
Euripides: Exactly. I think each ticket needs to have two additional pieces of information: a lifespan that indicates the length of time for which the ticket is valid, and a timestamp that indicates the date and time at which Charon issued the ticket. So a ticket would look something like this:
 

Euripides goes to the chalkboard and scrawls the following:

   TICKET   {username:address:servicename:lifespan:timestamp}
Euripides: Now when a service decrypts tickets, it checks the ticket’s username and address against the name and address of the person sending the ticket, and it uses the timestamp and lifespan information to see if the ticket has expired.
Athena: All right. What kind of lifetime should the typical service ticket have?
Euripides: I don’t know. Probably the length of a typical workstation session. Say eight hours.
Athena: So if I sit at my workstation for more than eight hours, all my tickets expire. That includes my ticket-granting ticket. So I have to reauthenticate myself to Charon after eight hours.
Euripides: That’s not unreasonable is it?
Athena: I guess not. So we’re settled — tickets expire after eight hours. Now I’ve got a question for you. Suppose I have copied YOUR tickets from the network–
Euripides: (Eyes twinkling) Aw, Tina! You wouldn’t really do that would you?
Athena:

This is just for the sake of argument. I’ve copied your tickets. Now I wait for you to logout. Suppose you have a doctor’s appointment or a class to attend, so you end your workstation session after a couple of hours. You are a smart boots and have destroyed your copies of the tickets before logging out.

 

But I’ve stolen your tickets, and they are good for about six hours. That gives me ample time to pillage your files and print one thousand copies of whatever in your name.

See, the lifetime-timestamp business works fine in the event that a ticket thief chooses to replay the ticket after the ticket has expired. If the thief can replay the ticket before that . . .

Euripides: Uh, well . . . Of course you are right.
Athena: I think we have run into a major problem. (She sighs.)
  Pause.
Euripides: I guess that means you’ll be busy tonight. Want more coffee?
Athena: Why not.
  • {{*}} get({string} key)
    返回与key对应的value值,假诺未命中则赶回undefined
  • {void} remove({string} key) — 从缓存中删去一个键值对
  • {void} removeAll() — 删除所有缓存中的数据
  • {void} destroy() — 删除从$cacheFactory引用的这一个缓存.

 

1、使用AngularJS自带的$cacheFactory服务

 

www.4688.com 3

有图有真相,我在每行命令和输入里,都加了详尽的注释:

 

能够利用telnet连接受Mail
Server,方便地翻看服务器的响应,然后再编程实现。如:Telnet 127.0.0.1
25。  

[javascript] view
plain
 copy

Dramatis Personae

Athena an up and coming system developer.
Euripides a seasoned developer and resident crank.

[javascript] view
plain
 copy

In the SMTP communication examples listed below the letters C and S are used to refer to the client and the server (C = Client, S = Server).

 

 

removeItem//移除记录

电子邮件的一些基本常识:

removeItem//移除记录

出殡完成后,最先准备接受并查看邮件了

 

www.4688.com 4

 

LOGIN方式

 

当客户端发送“EHLO”到Server后,Server将发送一个列表,类似:

  1. .controller(‘PlaylistCtrl’, function ($scope, $stateParams, $cacheFactory) {  
  2.     var user_cache = $cacheFactory.get(“user_cache”);   //取出名为user_cache的缓存对象  
  3.     var user = user_cache.get(“lol”);   //取出缓存对象中键值为lol的对象  
  4.     // user_cache.remove(“lol”);  //删除键值为lol对应的值  
  5.     // user_cache.removeAll(); //清除缓存对象中装有的键值对  
  6.     // user_cache.destroy(); //销毁user_cache缓存对象  
  7.     console.log(user);  
  8.   
  9.     var playlistId=$stateParams.playlistId;  //用$stateParams 取值  
  10.     console.log(“playlistId:”+playlistId);  
  11.   });  

MD5() 为规范的MD5算法,“tanstaaftanstaaf”为用户口
令,“<1896.697170952@postoffice.reston.mci.net>”是从Server发送过来的
提姆(Tim)estamp和Hostname等,ipad和opad为Keyed-MD5算法特定的常数。
上边的公式得出的digest
为”b913a602c7eda7a495b4e6e7334d3890″,加上用户名,即”timb913a602c7eda7a495b4e6e7334d3890″举行BASE64的编码,得到地点发送给Server“dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw”。

[html] view
plain
 copy

 

$cacheFactory
从字面直译即为缓存工厂,可以用它来生成缓存对象,缓存对象以key-value的形式举行数量的积存,在全体应用内是单例的,可以在service或者controller中注入那么些服务,然后就能够用它来随便的存取对象以及各类变量,上面是一个简便例子

4.第四部相比较特殊。是用户Dylan先主动请求Sina的邮件服务器,要求取自己的邮件。服务器知道后,再将该用户迪伦所管理的蕴藏空间中的邮件,再次回到出去给迪伦。请一定记住,是用户先请求,而不是服务器先响应。那一个进程中利用的POP3商议。

clear//清除记录

诠释:sina提供的SMTP服务器地址是 smtp.sina.com
,使用的端口号是SMTP协议默认端口号 25 (Gmail好像用的是465和587)

[javascript] view
plain
 copy

 

  1. .controller(‘PlaylistCtrl’, function ($scope, $stateParams, $cacheFactory) {  
  2.     var user_cache = $cacheFactory.get(“user_cache”);   //取有名为user_cache的缓存对象  
  3.     var user = user_cache.get(“lol”);   //取出缓存对象中键值为lol的靶子  
  4.     // user_cache.remove(“lol”);  //删除键值为lol对应的值  
  5.     // user_cache.removeAll(); //清除缓存对象中享有的键值对  
  6.     // user_cache.destroy(); //销毁user_cache缓存对象  
  7.     console.log(user);  
  8.   });  

眼前说了如此通俗的例证,相信您早就领会了大概的流水线,更要紧的是,了然了SMTP/POP3这三种协议。(当然,还有另外的协议,这里不做过多介绍)

$cacheFactory
从字面直译即为缓存工厂,可以用它来生成缓存对象,缓存对象以key-value的办法开展多少的蕴藏,在全路应用内是单例的,可以在service或者controller中流入这多少个服务,然后就足以用它来随便的存取对象以及各类变量,下边是一个简约例子

1.用户Dylan写好一封邮件,交给了Sina的邮件服务器。完成第一步操作,这使用的就是SMTP协议。用户提交,服务器接受,使用的都是SMTP协议。

3、service或者factory传值(service跟factory中都是单例情势,定义的变量在一切应用内唯一)

3.邮件客户端软件

例:playlists.htm页面将 playlist.id 传递到
playlist页面

首先,我会介绍部分常识,然后结合通俗的事例,再组成图文的主意来讲讲电子邮局其中的流水线及办事原理。随后,我将会用windows
命令行的章程,登录邮件服务器,用命令行的措施手工发送/接受一封电子邮件。相信这样子,你将会透彻的了然其中的办事原理。

 

实在可以把Internet上的“电子邮件服务器”,当作是一种“电子邮局”,或者直接精晓为现实生活中的邮局。

 

SMTP验证还有GSSAPI、NTLM、Kerberos等,正在学习中,关于Kerberos协议的详细资料不亮堂哪儿有相比较好的。

例:playlists.htm页面将 playlist.id 传递到
playlist页面

EHLO
250-SMTP.Mydomain.com Hello [192.168.0.1]
250-8bitmime
250-BINARYMIME
250-VRFY
250-AUTH LOGIN PLAIN CRAM-MD5
250-AUTH=LOGIN
250 OK

  1. .controller(‘PlaylistCtrl’, function ($scope, $stateParams, $cacheFactory) {  
  2.     var user_cache = $cacheFactory.get(“user_cache”);   //取有名为user_cache的缓存对象  
  3.     var user = user_cache.get(“lol”);   //取出缓存对象中键值为lol的靶子  
  4.     // user_cache.remove(“lol”);  //删除键值为lol对应的值  
  5.     // user_cache.removeAll(); //清除缓存对象中保有的键值对  
  6.     // user_cache.destroy(); //销毁user_cache缓存对象  
  7.     console.log(user);  
  8.   
  9.     var playlistId=$stateParams.playlistId;  //用$stateParams 取值  
  10.     console.log(“playlistId:”+playlistId);  
  11.   });  

网上有些人释疑,说SMTP协议就是承担发邮件,POP3商议就是承受收邮件。其实这是不太正确的。多台邮件服务器之间通信,收/发其实都是利用的SMTP协议。

3、service或者factory传值(service跟factory中都是单例情势,定义的变量在全体应用内唯一)

1.邮件服务器

当从AppCtrl对应页面切换来PlaylistCtrl对应的页面时,浏览器控制台打印结果:

 

 

提醒:部分用户使用的windows
7的操作系统,可能会唤起telnet命令不可用。请在控制面板,”打开/关闭效用“中设置telnet客户端,具体不表达。假设有些朋友还没有用过telnet,这自己也不得不先吐血了。天朝程序员水平参差不齐,作为一个windows平台上的开发人士,大部分的连个基本的Dos命令都不会。

 

CRAM-MD5方式
CRAM- MD5即是一种Keyed-MD5验证格局,CRAM是“Challenge-Response
Authentication Mechanism”的所写。
所谓Keyed-MD5,是将Clieng与Server共享的一个Key作为一部分MD5的输入,正好邮件系统的用户口令
可以看成那些Key。
切实的并行如下:

键值对存储,用法也是卓殊简单,下面给出了常用的api,

telnet pop.qq.com 110      腾讯的POP3服务器地址是pop.qq.com  
使用的端口号也是默认的 110 (报警啊!)

key//取key所对应的值

2)将用户投递过来的邮件转发给目的邮件服务器 

 

www.4688.com 5

[javascript] view
plain
 copy

图上曾经注解得很通晓了,相信通过后边的介绍。我们都可以知道整个交互过程了。

  1. .controller(‘PlaylistCtrl’, function ($scope, $stateParams, $cacheFactory) {  
  2.     var user_cache = $cacheFactory.get(“user_cache”);   //取知名为user_cache的缓存对象  
  3.     var user = user_cache.get(“lol”);   //取出缓存对象中键值为lol的目标  
  4.     // user_cache.remove(“lol”);  //删除键值为lol对应的值  
  5.     // user_cache.removeAll(); //清除缓存对象中存有的键值对  
  6.     // user_cache.destroy(); //销毁user_cache缓存对象  
  7.     console.log(user);  
  8.   });  

   
要是邮局的人察觉有属于该用户的包装,会将包装交给该用户。这么些历程就利用的是POP3探究。

 

好了,朋友们不妨试着用命令行的不二法门,去体会电子邮件的过程,这可以帮衬你领会其中的原理。时间不早了,码奴也要准备休息了。

[javascript] view
plain
 copy

同理,telnet 到POP3服务器去

 

运转“cmd”,打开Commond控制台。(指示大家须臾间,这不是DOS。我不时发现一些人把其称作DOS,觉得很好笑。还有些培训助教说这是DOS,误人子弟)

 

4.邮件传输协议

  1. .state(‘app.single’, {  
  2.     url: ‘/playlists/:playlistId’,  //配置几个参数用:a/:b/:c  
  3.     views: {  
  4.       ‘menuContent’: {  
  5.         templateUrl: ‘templates/playlist.html’,  
  6.         controller: ‘PlaylistCtrl’  
  7.       }  
  8.     }  

 

 

http://www.cnblogs.com/rootq/articles/1320266.html

 

Contents

 

S: 220 smtp.server.com Simple Mail Transfer Service Ready
C: EHLO client.example.com
S: 250-smtp.server.com Hello client.example.com
S: 250-SIZE 1000000
S: 250 AUTH LOGIN PLAIN CRAM-MD5
C: AUTH PLAIN
S: 334 
C: dGVzdAB0ZXN0ADEyMzQ=
S: 235 2.7.0 Authentication successful

getItem //取记录

 
After that
the AUTH CRAM-MD5 command has been sent to the server, the servers sends
back an one-time BASE64 encoded “challenge” to the client
(see [1] above). The client responds by sending a
BASE64 encoded string to the server that contains a username and a
16-byte digest in hexadecimal notation (see [2] above).
 
The digest in
the reply string is the output of
an HMAC (Hash-based Message
Authentication Code) calculation with the password as the secret key and
the SMTP server’s original challenge as the message. The SMTP server
also calculates its own digest with its notion of the user’s password,
and if the client’s digest and the server’s digest match then
authentication was successful and a 235 reply code is sent to the
client.
 
The CRAM-MD5
authentication mechanism is more secure than the other two mechanisms
described earlier because the password can not be retrieved by decoding
the BASE64 encoded client response. The password is used as the key to
calculate the HMAC but the password is not stored anywhere in the
response. The client response is also invalid for further
authentications because of the “challenge” sent from the server was an
one-time “challenge” (often with a current time stamp included) and can
not be re-used by somebody who monitors the SMTP communication.

 

先是,登录我的sina邮箱,准备发送一封邮件到本人的QQ邮箱里面去。

  • {{*}} get({string} key)
    返回与key对应的value值,假若未命中则赶回undefined
  • {void} remove({string} key) — 从缓存中删除一个键值对
  • {void} removeAll() — 删除所有缓存中的数据
  • {void} destroy() — 删除从$cacheFactory引用的这些缓存.

应用login形式的证实类别如下 (C:表示Client,S:表示Server)
C:auth login ————————————————-
举办用户地点认证
S:334 VXNlcm5hbWU6 ———————————–
BASE64编码“Username:”
C:Y29zdGFAYW1heGl0Lm5ldA== ———————————–
用户名,使用BASE64编码
S:334 UGFzc3dvcmQ6
————————————-BASE64编码”Password:”
C:MTk4MjIxNA== ———————————————–
密码,使用BASE64编码
S:235 auth successfully ————————————–
身份表明成功

 

www.4688.com 6

 

The AUTH command
is an ESMTP command (SMTP service extension) that is used to
authenticate the client to the server. The AUTH command sends the
clients username and password to the e-mail server. AUTH can be combined
with some other keywords
as PLAINLOGINCRAM-MD5 and DIGEST-MD5 (e.g. AUTH
LOGIN) to choose an authentication mechanism. The authentication
mechanism chooses how to login and which level of security that should
be used. 
 
Below are
the AUTH PLAINAUTH LOGIN and AUTH
CRAM-MD5
 commands/mechanisms described.
 

 

Scene I

A cubicle area. Athena and Euripides are working at neighboring
terminals.

Athena: Hey Rip, this timesharing system is a drag. I can’t get any work done because everyone else is logged in.
Euripides: Don’t complain to me. I only work here.
Athena: You know what we need? We need to give everyone their own workstation so they don’t have to worry about sharing computer cycles. And we’ll use a network to connect all the workstations so folks can communicate with one another.
Euripides: Fine. So what do we need, about a thousand workstations?
Athena: More or less.
Euripides: Have you seen the size of a typical workstation’s disk drive? There isn’t enough room for all the software that you have on a timesharing machine.
Athena: I figured that out already. We can keep copies of the system software on various server machines. When you login to a workstation, the workstation accesses the system software by making a network connection with one of the servers. This setup lets a whole bunch of workstations use the same copy of the system software, and it makes software updates convenient. You don’t have to trundle around to each workstation. Just modify the system software servers.
Euripides: All right. What are you going to do about personal files? With a timesharing system I can login and get to my files from any terminal that is connected to the system. Will I be able to walk up to any workstation and automatically get to my files? Or do I have to make like a PC user and keep my files on diskette? I hope not.
Athena: I think we can use other machines to provide personal file storage. You can login to any workstation and get to your files.
Euripides: What about printing? Does every workstation have its own printer? Whose money are you spending anyway? And what about electronic mail? How are you going to distribute mail to all these workstations?
Athena: Ah . . . Well obviously we don’t have the cash to give everyone a printer, but we could have machines dedicated to print service. You send a job to a print server, and it prints it for you. You could do sort of the same thing with mail. Have a machine dedicated to mail service. You want your mail, you contact the mail server and pick up your mail.
Euripides: Your workstation system sounds really good Tina. When I get mine, you know what I’m going to do? I’m going to find out your username, and get my workstation to think that I am you. Then I’m going to contact the mail server and pick up your mail. I’m going to contact your file server and remove your files, and–
Athena: Can you do that?
Euripides: Sure! How are these network servers going to know that I’m not you?
Athena: Gee, I don’t know. I guess I need to do some thinking.
Euripides: Sounds like it. Let me know when you figure it out.

$cacheFactory常用的多少个方面api如下:

 

2、使用url传参

老实说,我在七八年前就有了自己的雅虎邮箱,一向断断续续有用过。直到后来在座工作后,由于平常需要邮件交流,我才发觉,原来电子邮件是如此用的。在自身的习惯思维里,一贯认为邮箱是必须在提供商的网站上才能登录,然后必须在对应的网页里收发、查看、删除邮件(比如自己登记了雅虎邮箱,必须在雅虎网站去登录,然后才能跻身操作)。后来有同事推荐了福克斯(Fox)(Fox)Mail,在配置过程中,我才了然了何等是SMTP/POP3合计,后来才意识,原来office中的Outlook,也是一款不错的邮件客户端。或许有过多朋友和本人同一,也是这么天真的以为的。聊点题外话,其实一般的大商厦都不行强调“邮件”的,这带有你平时工作中的互换,工作安排,工作记录等。每一天及时收发邮件,也是一种优质的做事习惯。一般公司都有自己的公司邮箱和邮件客户端。当然,小企业类似不太提倡那多少个,面对面互换就好了,一般的有史以来没有这多少个“工作习惯”。所以,很几个人常有没去了然过。包括我们有的是开发人士,IT人士,都还不太精晓其流程及办事规律。

 

电子邮件服务器的紧要效能:

  1. .controller(‘AppCtrl’, function ($scope, $ionicModal, $timeout, $cacheFactory) {  
  2.   
  3.   var user = {name: ‘jax’, age: 18, sex: ‘男’};  
  4.   var user_cache = $cacheFactory(“user_cache”);  //讲明一个user_cache缓存对象    
  5.   user_cache.put(“lol”,user);    //放入缓存对象  

解析电子邮件的规律

www.4688.com 7
4、使用H5本地存储localStorage或者sessionStorage(还有indexDB,websql在数据量较大气象下拔取)

 

 

有图有实质:

$cacheFactory常用的多少个方向api如下:

使用telnet命令,输入 telnet smtp.sina.com 25   回车

 

在几年以前,相信广大情侣都闻讯过,马云同志开创Alibaba的时候,还不会发邮件。也不知情在Alibaba上市之后,他学会收发邮件了并未!呵呵。我是一度从内心里“瞧不起”过,至少认为在这或多或少上自己比她强很多。后来自己才意识,我未必通晓收发邮件。除了自家,还有众多的码农也常有不精通收发邮件,更不领悟Email里面的办事原理。借此,向我们介绍一下和Email相关的技艺。

getItem //取记录

在配置Outlook或者foxMail来收发邮件时,肯定会遇见SMTP协议和POP3琢磨的安排选项。这这五个钻探分别是啥意思呢?网上都有翻译,我不会复制粘贴了。

  1. .controller(‘PlaylistCtrl’, function ($scope, $stateParams, $cacheFactory,dataService) {  
  2.   console.log(“sercice data:”+dataService.getData());  //得到data  
  3. });  

 

www.4688.com 8
4、使用H5本地存储localStorage或者sessionStorage(还有indexDB,websql在数据量较大动静下拔取)

 

setItem//设置记录

3.有人用QQ邮箱,发送了一封Email给迪伦。所以,QQ的邮件服务器,将邮件发送给Sina的邮件服务器。这两台服务器的收发,使用的都是SMTP协议。

 

早期的SMTP协议是不分包安全认证的,所谓的ESMTP在安全性方面扩充了SMTP,通过扩张命令EHLO和AUTH。目前的SMTP服务器,无论是公
网的如故内网的,大都要求平安认证,即便您利用的是Outlook
Express,那么在邮箱帐户的安排中有一个精选-“我的SMTP服务器要求验证”。我们的应用程序中不时有发送邮件的效应,而精炼的邮件发送程序没有
包含验证的模块。

 

下边,我讲用windows命令行的法门,来演示发送和收取/查看电子邮件

setItem//设置记录

PLAIN方式
依据公开的SMTP验证,详见:http://www.ietf.org/internet-drafts/draft-ietf-sasl-plain-08.txt
其发送用户名与口令的格式应该是“<NULL>tim<NULL>tanstaaftanstaaf”。“tim”是用户名,前边的字符串是口令,NULL是ASCII的0(所以不可以运用telnet登录)。

  1. .controller(‘PlaylistCtrl’, function ($scope, $stateParams, $cacheFactory,dataService) {  
  2.   console.log(“sercice data:”+dataService.getData());  //得到data  
  3. });  

MD5 RFC:http://www.faqs.org/rfcs/rfc1321.html Keyed-MD5
RFC:http://www.faqs.org/rfcs/rfc2104.html
SMTP验证:http://www.faqs.org/rfcs/rfc2195.html

 

5.电子邮件的传输过程

 

列表中”LOGIN PLAIN CRAM-MD5″表达了该SMTP
Server援助的注脚措施,本文将详细分解这两种注明模式。

[javascript] view
plain
 copy

 

http://blog.163.com/licanli2082@126/blog/static/35748686201201323444100/

S: * OK IMAP4 Server
C: A0001 AUTHENTICATE CRAM-MD5
S: + PDE4OTYuNjk3MTcwOTUyQHBvc3RvZmZpY2UucmVzdG9uLm1jaS5uZXQ+ ——–
Server发送BASE64编码的Timestamp、Hostname等给Client
C: dGltIGI5MTNhNjAyYzdlZGE3YTQ5NWI0ZTZlNzMzNGQzODkw ——-
Client将选择的音讯丰裕用户名和口令,编码为BASE64发送给Server
S: A0001 OK CRAM authentication successful ———–
Server使用该用户的口令举办MD5运算,假设拿到一致的出口则证实成功

 
 
AUTH PLAIN One common
method to login to an SMTP server is to use the PLAIN mechanism. The
example below shows howAUTH PLAIN can be used to login:
 

 

相关文章

发表评论

电子邮件地址不会被公开。 必填项已用*标注

*
*
Website