Looking for canon_user plugin
Dieter Kluenter
dieter at dkluenter.de
Fri Sep 22 03:31:31 EDT 2006
Torsten Schlabach <tschlabach at gmx.net> writes:
> Hi all!
>
> Does anyone know of any ready made plugins available to canonicalize
> (c14n) usernames on the SASL layer?
>
> What I would be looking for was a plugin which looks up and sets an
> authz (authorization id) from LDAP given a username.
>
> What I want to achieve is this:
>
> I have a Cyrus IMAPd server, which is using SASL (saslauthd, to be
> exact) to handle user logins. I want a user to be able to login using
> a nickname and I would expect such a plugin to do a lookup against
> LDAP to find that user's real userid (=mailbox name) and set it as the
> authorization id.
>
> By default, IMAPd assumes authorization id == authentication id and
> some IMAP clients don't have a proper way to specify different
> authentication and authorization id.
>
> If there was such a plugin, some hints on how to configure such a
> plugin would be nice as well.
The auxprop ldapdb combined with an appropriate slapd.conf and a well
defined regex for authTo attribute could do this. Although there would
be no need to transform nick to userid.
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6
More information about the Cyrus-sasl
mailing list