a proxy for multiple sasl instances

Thomas Harding tom at thomas-harding.name
Sat Mar 25 11:36:19 EDT 2017


Why don't use an Openldap instance as proxy ?

Le 25 mars 2017 09:42:37 GMT+01:00, Chentao Credungtao via Cyrus-sasl <cyrus-sasl at lists.andrew.cmu.edu> a écrit :
>Hi,
>
>I need to set up Postfix authentication against multiple (3) OpenLDAP 
>servers.
>
>I managed to run 3 instances of SASL, each one authenticating against 
>one of the 3 servers :
>
>First instance, authenticating against the first LDAP server
>(example.com) :
># testsaslauthd -f /var/run/saslauthd-com/mux -u john.doe at example.com
>-p 
>password1
>0: OK "Success."
>
>Second instance, authenticating against the second LDAP server 
>(example.net) :
># testsaslauthd -f /var/run/saslauthd-net/mux -u jane.doe at example.net
>-p 
>password2
>0: OK "Success."
>
>Third instance, authenticating against the third LDAP server
>(example.org) :
># testsaslauthd -f /var/run/saslauthd-org/mux -u jimmy.doe at example.org 
>-p password3
>0: OK "Success."
>
>The problem : it seems Postfix can only authenticate against one
>running 
>instance of SASL.
>
>
>Is it possible to set up some kind of a SASL proxy, that forwards each 
>authentication-request to another SASL instance, depending on the
>e-mail 
>domain ?
>Something like :
>
># testsaslauthd -f /var/run/saslauthd-proxy/mux -u john.doe at example.com
>
>-p password1
>==> should be forwarded to /var/run/saslauthd-com
>
># testsaslauthd -f /var/run/saslauthd-proxy/mux -u jane.doe at example.net
>
>-p password2
>==> should be forwarded to /var/run/saslauthd-net
>
># testsaslauthd -f /var/run/saslauthd-proxy/mux -u
>jimmy.doe at example.org 
>-p password2
>==> should be forwarded to /var/run/saslauthd-org
>
>Thanks (any other idea to approach this problem is welcome)
>
>Chen

-- 
Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20170325/5d780afe/attachment.html>


More information about the Cyrus-sasl mailing list