From: Guillermo Gómez (no email)
Date: Wed Dec 05 2007 - 15:42:24 EST
> pam_mysql would correlate to saslauthd, and the cyrus sasl plugin
> would correlate to auxprop.
>
> See documentation on the SASL pwcheck_method setting
> (sasl_pwcheck_method in /etc/imapd.conf).
>
> When set to saslauthd, the pwcheck_method will allow the use of
> the PLAIN and LOGIN mechanisms, and will pass the username and
> password from the client on to PAM. PAM can internally hash the
> password and compare it against an already md5/crypted password.
>
> When set to auxprop, SASL will retrieve the cleartext password
> and use it to compare (in the case of PLAIN and LOGIN), or to use
> in multi-step negotiation of other mechanisms, such as DIGEST-MD5.
>
> The auxprop plugin gives you the ability to authenticate using
> the PLAIN, LOGIN, DIGEST-MD5, CRAM-MD5, NTLM and OTP mechs (and
> probably more).
>
> saslauthd only gives you the ability to authenticate using PLAIN
> and LOGIN (I believe), which may or may not be sufficient for you.
>
> - Dan
>
Thanks Dan, im reading and trying to digest all the material available.
What the customer wants is:
1.- md5-digest between imap client/server (squirrelmail/cyrus-imapd)
2.- md5 encrypted passwords stored in mysql db (cyrus-imap-??)
Is this combination possible?
Guillermo
-- Ing.Guillermo Gomez S. http://fedora.gomix.org ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
|
|
|