s-u
commented
1 year ago Added RConnection.login(user, pwd, true) to force plain-text login even if crypt-based authentication is available for hash-based password file.
WARNING: The CMD_login mechanism is only intended for legacy clients. Modern applications should use TLS encrypted communication either with OCAP mode and/or client certificate authentication.
Rserve supports storing password in hashed form, but if that feature is used,
login()has to send plain text password even if crypt-based passwords are supported. Currently, RConnection will always pick crypt-based authentication over plain text authentication if it is supported, but that is unable to authenticate against hashed passwords.