cyrus-sasl + auxprop plugin for ldap
Thomas Antony
thomas at antony.eu
Wed Sep 19 19:52:03 EDT 2007
> Because saslauthd allows only single authentication mechanism to be used.
> In my case I need to be able to have both mysql and ldap (though may be
> it is possible to have in both through pam).
> I guess auxprops frameworks allows this multiple mechanisms to be
> achieved. At least, that's how it looks at first glance.
>
Hi Anna,
sasl supports a whitespace seperated list for pwcheck_method, mech_list
and auxprop_plugin.
http://www.sendmail.org/~ca/email/cyrus2/options.html
here is a quick and not complete overview of what is possible:
log_level: 3
pwcheck_method: auxprop saslauthd authdaemond
mech_list: PLAIN LOGIN GSSAPI DIGEST-MD5
auxprop_plugin: sql ldapdb sasldb
sql_hostnames: 127.0.0.1 192.168.1.10
sql_engine: mysql
sql_user: user
sql_passwd: password
sql_database: mydb
sql_select: SELECT password FROM users WHERE email='%s' AND enabled='1'
ldapdb_uri: ldap://127.0.0.1 ldaps://ldap2.example.com
ldapdb_id: manager
ldapdb_pw: password
ldapdb_mech: GSSAPI
ldapdb_starttls: try
authdaemond_path: /var/run/authdaemon/socket
regards,
Thomas
More information about the Cyrus-sasl
mailing list