multiple calls to canonuser-plugin?
Dan White
dwhite at olp.net
Fri Mar 19 09:27:11 EDT 2010
On 19/03/10 06:03 +0100, Lars Duesing wrote:
>Hi List,
>
>I am programming a sql canonuser-plugin. In short it does a sql-statement
>(SELECT main_account FROM accounts WHERE address='%s')
>
>This plugin is to be used in cyrus-imap.
>
>All my code works fine. But: the canonuser-plugin is called multiple times
>within the same context.
>
>For instance:
>
>---
>
>DB:
>
>main_account address
>
>webmaster at test.local lars at test.local
>
>lars at test.local webmaster at anywhere.local
>
>
>
>my code does (at the moment!) only one select statement, but is called
>twice.
>
>When I ask for webmaster at anywhere.local sasl sends webmaster at t - because the
>length given back is the length from the first select.
>
>My problem is it seems like the code is called twice at the same time.
>
>Is this a problem of sasl or of imap?
Lars,
Without digging into the imapd code, the first thought that comes to mind is
that imapd is possibly performing a canon_user call for both your
authentication and authorization identities.
To see, you could authenticate with an authentication mech that does not
support proxy authentication (and does not pass both an authc and authz).
The LOGIN mech does not support proxy auth, but the PLAIN mech does. If
you're seeing two calls with a PLAIN authentication, but only 1 with a
LOGIN authentication, then that may be why.
--
Dan White
More information about the Cyrus-sasl
mailing list