Thunderbird + Kerberos 5 + Cyrus SASL-and-IMAP?
Jeff Blaine
jblaine at kickflop.net
Thu Feb 8 16:42:01 EST 2007
I have a healthy MIT Kerberos 1.5.2 realm and Cyrus IMAP 2.2.12
server configured (SASL 2.1.22).
I can't get Thunderbird (latest 1.5 official release) to perform
GSSAPI authentication against the Cyrus IMAP server.
I have valid Kerberos 5 credentials (for user jblaine) via Kerberos
for Windows 3.1. I have restarted Thunderbird.
Anyone know how to do this? This is supposed to work if I am
not mistaken.
Thunderbird states the server does not support secure authentication
(which is BS).
====================================================================
imtest authenticates (as jblaine) via GSSAPI fine!
C: A01 AUTHENTICATE GSSAPI YIICBblahblahblah
S: + YIGWBgkqhkblahblah
...
S: A01 OK Success (privacy protection)
Authenticated.
Security strength factor: 56
...
Feb 8 16:36:44 noodle.foo.com imap[26514]: [ID 529592 local6.notice]
login: noodle.foo.com [192.168.168.100] jblaine GSSAPI User logged in
====================================================================
/etc/imapd.conf reads as follows:
configdirectory: /var/imap
defaultpartition: default
partition-default: /var/spool/imap
imap_admins: root cyrus
sieveusehomedir: false
autocreatequota: 200000
duplicate_db: skiplist
allowplaintext: false
force_sasl_mech: GSSAPI
sasl_log_level: 4
More information about the Info-cyrus
mailing list