global admin without defaultdomain?
Igor Brezac
igor at ipass.net
Tue Dec 30 13:01:13 EST 2003
On Tue, 30 Dec 2003, Rob Siemborski wrote:
> On Tue, 30 Dec 2003, Igor Brezac wrote:
>
> > I think I found what is causing the problem or at least unpredicteble
> > behavior. %r will have a value regardless of whether an application
> > (imapd in this case) passes the realm to the auxprop. saslauthd auths do
> > not work this way. This is also somewhat related to bug #2326. Why does
> > serverFQDN need to be used to realm when user_realm is not available?
>
> I think this is mostly for backwards compatibility with saslauthd in early
> SASLv2 versions. Also, DIGEST (atleast) needs a source for the realm.
Can we make this an option?
> Our realm support in saslauthd has never been well tested and is likely
> inconsistant with lots of things (including itself).
I do not know about other saslauthd auth mechs, but ldap mech should
handle realms properly. I know that pam is broken.
--
Igor
More information about the Info-cyrus
mailing list