From: (no name) (no email)
Date: Thu Jan 09 2003 - 20:58:41 EST
Paul M Fleming wrote:
> Timing out the passwords is simple ( I think ) I would store the time
> when the entry is added and force a reauth if the password has been
> cached longer than a timeout (for example one hour ). That forces a
> reauth at least every timeout period of time. If an entry isn't in the
> cache (or if it is different the entry would be removed and ) a reauth
> would be forced. Every successfull auth would be added to the cache.
This whole idea sounds great, especially as I'd expect a lot of the
authentication load to come from a small number of users with their
clients set to check mail every few minutes.
For debugging it would help if there was a way to force a flush of the
entire cache, and one to dump its contents. I'm not sure how you'd get
saslauthd to recognise maintenance commands like this - maybe some method
of "out-of-band signalling", which seems better than tinkering with the
socket protocol.
-- Simon Brady mailto: ITS Technical Services University of Otago, Dunedin, New Zealand
|
|
|