how should a module deal with authentification callbacks ?

[Christophe Fergeau <teuf users sourceforge net>]

A GnomeVFS module can invoke callbacks whern it needs a login or a password to login to a site. But it's not really clear to me what should be done with this information. Obviously, this login/password can be used to try to successfully complete the current vfs operation, but using this scheme, the information will have to be reasked for each gnome-vfs operation which is not optimal nor very user friendly.

So this login and password should be cached to be reused, and that's where I'm not sure what should be done. 
The app can cache the login/password pair when the user has entered it once, but there is a problem with that approach if the user enters an uri with a wrong username, the app has only two alternatives : reask the user the correct information for each vfs operation, or only associate only one username/password with each hostname, which I'm not sure is a good idea.
On the other hand, the module could choose to rewrite the uri so that it contains the correct information, but I'm not sure that's allowed, and apps may not like that (at least nautilus doesn't seem to like that very much).

Does anybody know what is the expected behaviour of a gnome-vfs module when it receives authentification information ?

Thanks in advance, 

Christophe