[Fwd: Re: Cyrus IMAPd, auxprop and canon_user plugins?]
Torsten Schlabach
tschlabach at gmx.net
Fri Sep 29 10:57:43 EDT 2006
Igor,
> You will need to write a custom cyrus imapd authorization module or a
> sasl canon plugin.
Thank you for confirming that!
Some people claimed it could be done by using sasl-regexp stuff in
OpenLDAP together with ldabdb auxprop plugin alone. I came to the
conclusion that I don't see how this might work, which is what you're
saying.
Now I have to decide wether I will write a canon_user or an auxprop plugin.
I have indeed done some successful prototyping with a canon_user plugin
using the norealm.c example from Diego Rivera [1]. But I wonder if I
could handle this inside the ldapdb auxprop plugin as well.
Inside the auxprop plugin, I have the LDAP connection and the object
against which I authenticate anyway. So it would be very easy to read an
extra attribute from that object and use it as the canonicalized username.
The question is: Can an auxprop plugin override the username?
Regards,
Torsten
---
[1]
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=4403
Igor Brezac schrieb:
>
>>-----Original Message-----
>>From: cyrus-devel-bounces at lists.andrew.cmu.edu [mailto:cyrus-devel-
>>bounces at lists.andrew.cmu.edu] On Behalf Of Torsten Schlabach
>>Sent: Thursday, September 28, 2006 5:55 PM
>>To: cyrus-devel at lists.andrew.cmu.edu
>>Subject: [Fwd: Re: Cyrus IMAPd, auxprop and canon_user plugins?]
>>
>> > What do you want to achieve, what problem do you want to solve?
>>
>>As I wrote:
>>
>> > Our users want to login using their email address as a login name, not
>> > their xy12345 name.
>>
>>Isn't that a very common problem?
>
>
> You will need to write a custom cyrus imapd authorization module or a sasl
> canon plugin.
>
> -Igor
>
>
>>Regards,
>>Torsten
>>
>>-------- Original-Nachricht --------
>>Betreff: Re: Cyrus IMAPd, auxprop and canon_user plugins?
>>Datum: Thu, 28 Sep 2006 21:56:06 +0200
>>Von: Dilyan Palauzov <Dilyan.Palauzov at aegee.org>
>>An: Torsten Schlabach <tschlabach at gmx.net>
>>Referenzen: <451C05ED.5000401 at gmx.net>
>>
>> Hello Torsten,
>> What do you want to achieve, what problem do you want to solve? How
>>want the users want to login, why do you walk about xy12345, when you
>>don't have questions about it?
>> Greetings,
>> ?????
>>
>>Torsten Schlabach wrote:
>>
>>>Hi!
>>>
>>>I am not really sure how to ask the question the right way, but let me
>>>start somewhere:
>>>
>>>I understand that an auxprop plugin retrieves a number of attributes
>>>from a backend. One of that attributed typically is a userPassword
>>>string IIUC.
>>>
>>>What other attributes does Cyrus IMAPd ask off an auxprop plugin it
>>
>>uses?
>>
>>>Is there anything like a "mailbox name" or "authzId" attribute for
>>>example which is beeing retrieved through the auxprop plugin?
>>>
>>>We run a setup that does not have virtual domains, but we use mailbox
>>>names such as xy12345 and we map e-mail addresses to mailboxes.
>>>
>>>No users want to login using their email address as a login name, not
>>>their xy12345 name.
>>>
>>>I think there might be two ways of achieving that:
>>>
>>>a) By putting a "mailbox name" attribute in the backend database, if
>>>IMAPd would care or
>>>b) By writing something to the authzid attribute in the auxprop plugin.
>>>
>>>In case of doing the latter, would the auxprop plugin eliminate the need
>>>for a canon_user plugin?
>>>
>>>Do I suffer from any misconception here?
>>>
>>>Regards,
>>>Torsten
>>>
More information about the Cyrus-devel
mailing list