Looking for canon_user plugin
Torsten Schlabach
TSchlabach at gmx.net
Fri Sep 22 04:46:12 EDT 2006
Hi Dieter,
> The auxprop ldapdb combined with an appropriate slapd.conf and a well
> defined regex for authTo attribute could do this.
I was trying, but not getting anywhere with that. Have you done any of this successfully?
> Although there would
> be no need to transform nick to userid.
Why do you think so? Maybe I have overlooked the obvious and try to go for a way too complex solution?
Regards,
Torsten
-------- Original-Nachricht --------
Datum: Fri, 22 Sep 2006 09:31:31 +0200
Von: "Dieter Kluenter" <dieter at dkluenter.de>
An: cyrus-sasl at lists.andrew.cmu.edu
Betreff: Re: Looking for canon_user plugin
> Torsten Schlabach <tschlabach at gmx.net> writes:
>
> > Hi all!
> >
> > Does anyone know of any ready made plugins available to canonicalize
> > (c14n) usernames on the SASL layer?
> >
> > What I would be looking for was a plugin which looks up and sets an
> > authz (authorization id) from LDAP given a username.
> >
> > What I want to achieve is this:
> >
> > I have a Cyrus IMAPd server, which is using SASL (saslauthd, to be
> > exact) to handle user logins. I want a user to be able to login using
> > a nickname and I would expect such a plugin to do a lookup against
> > LDAP to find that user's real userid (=mailbox name) and set it as the
> > authorization id.
> >
> > By default, IMAPd assumes authorization id == authentication id and
> > some IMAP clients don't have a proper way to specify different
> > authentication and authorization id.
> >
> > If there was such a plugin, some hints on how to configure such a
> > plugin would be nice as well.
>
> The auxprop ldapdb combined with an appropriate slapd.conf and a well
> defined regex for authTo attribute could do this. Although there would
> be no need to transform nick to userid.
>
> -Dieter
>
> --
> Dieter Klünter | Systemberatung
> http://www.dkluenter.de
> GPG Key ID:8EF7B6C6
More information about the Cyrus-sasl
mailing list