From: Hank Beatty (no email)
Date: Sat Feb 01 2003 - 15:33:39 EST
I'm thinking that in my case this isn't necessarily a problem because the
clients will not be able to reach the back end servers so all communication
will have to be proxied.
Hank
----- Original Message -----
From: "Rob Siemborski" <>
To: "Ken Murchison" <>
Cc: "Hank Beatty" <>; "Cyrus-Info"
<>
Sent: Friday, January 31, 2003 4:35 PM
Subject: Re: Murder and Backend Authentication
> On Fri, 31 Jan 2003, Ken Murchison wrote:
>
> > Like Rob said, just PLAIN, which will require you to use STARTTLS, which
> > is only in 2.2. That being said, since you will likely only have one or
> > two proxy admins, you could just put them in sasldb2 and use DIGEST-MD5.
>
> This may break some clients, since they may then try to authenticate using
> DIGEST-MD5 to the backend (Say, via a referral), and then get upset when
> they can't.
>
> You really want a uniform authentication enviornment for the aggregator.
>
> -Rob
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
> Research Systems Programmer * /usr/contributed Gatekeeper
>
|
|
|