Looking for canon_user plugin

[Torsten Schlabach]

Hi Dieter,

 >>>The auxprop ldapdb combined with an appropriate slapd.conf and a well
 >>>defined regex for authTo attribute could do this.
 >>
 >>I was trying, but not getting anywhere with that. Have you done any 
of this successfully?
 >
 >
 > Yes.

I have successfully created such a setup on a test system. I can now 
successfully authenticate by passing an alias name instead of the real 
username. Wasn't easy, but this works now, but ...

 >>>Although there would
 >>>be no need to transform nick to userid.
 >>
 >>Why do you think so? Maybe I have overlooked the obvious and try to 
go >>for a way too complex solution?
 >
 > If you map uid:<nick> --> nickname:<nick> nickname gets authenticated.

I am not sure I understand what you mean exactly here, maybe that's the 
point.

The way I am testing this is:

cyradm --user realuser localhost
Enter password.
=> I am in; authorized as realuser.

cyradm --user aliasofuser localhost
Enter password.
=> I am in; but authorized as aliasofuser.

So using the alias to login, I cannot access the user.realuser mailbox.

What kind of mapping are you referring to when you say

 > If you map uid:<nick> --> nickname:<nick> nickname gets authenticated.

sasl-regexp ?

I cannot really map there, because I have to match what what originally 
entered and use it again in a search, don't I?

Regards,
Torsten


Dieter Kluenter schrieb:
> Hi Torsten,
> 
> "Torsten Schlabach" <TSchlabach at gmx.net> writes:
> 
> 
>>Hi Dieter,
>>
>>
>>>The auxprop ldapdb combined with an appropriate slapd.conf and a well
>>>defined regex for authTo attribute could do this.
>>
>>I was trying, but not getting anywhere with that. Have you done any of this successfully?
> 
> 
> Yes.
> 
> 
>>>Although there would
>>>be no need to transform nick to userid.
>>
>>Why do you think so? Maybe I have overlooked the obvious and try to go for a way too complex solution?
> 
> 
> If you map uid:<nick> --> nickname:<nick> nickname gets authenticated.
> 
> -Dieter
> 
>