Murder and Backend Authentication

Hank Beatty hbeatty.lists at earthlink.net
Fri Jan 31 15:35:47 EST 2003


OK. That makes sense. Are there any SASL mechs that can use PAM?

----- Original Message -----
From: "Rob Siemborski" <rjs3 at andrew.cmu.edu>
To: "Hank Beatty" <hbeatty.lists at earthlink.net>
Cc: "Cyrus-Info" <info-cyrus at lists.andrew.cmu.edu>
Sent: Friday, January 31, 2003 3:18 PM
Subject: Re: Murder and Backend Authentication


> You aren't offering any SASL mechanisms.  I believe the 2.2 code even
> supports STARTTLS (and therefore PLAIN).
>
> You need to support a SASL mechanism that allows proxy authentication.
> The regular IMAP login command isn't good enough.
>
> -Rob
>
> On Fri, 31 Jan 2003, Hank Beatty wrote:
>
> > And when I use imtest:
> >
> > [root at draco root]# imtest -u hbeatty -a hbeatty localhost
> > S: * OK draco Cyrus IMAP4 v2.2.prealpha server ready
> > C: C01 CAPABILITY
> > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> > NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
> > THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE
> > MUPDATE=mupdate://zeus.email.starband.net/
> > S: C01 OK Completed
> > Please enter your password:
> > C: L01 LOGIN hbeatty {4}
> > S: + go ahead
> > C: <omitted>
> > S: L01 OK User logged in
> > Authenticated.
> > Security strength factor: 0
> >
> > ----- Original Message -----
> > From: "Rob Siemborski" <rjs3 at andrew.cmu.edu>
> > To: "Hank Beatty" <hbeatty.lists at earthlink.net>
> > Cc: "Cyrus-Info" <info-cyrus at lists.andrew.cmu.edu>
> > Sent: Friday, January 31, 2003 2:29 PM
> > Subject: Re: Murder and Backend Authentication
> >
> >
> > > What SASL mechanism are you using between your frontend and backends?
> > >
> > > Or rather, what mechanisms are your backends advertising?
> > >
> > > -Rob
> > >
> > > On Fri, 31 Jan 2003, Hank Beatty wrote:
> > >
> > > > I'm working on getting a Murder setup and I can authenticate and
pull
> > mail
> > > > directly from the backend server.
> > > >
> > > > However, when I try to proxy the connection I get this in
> > /var/log/messages
> > > > on the proxy/master:
> > > >
> > > > Jan 31 13:40:35 zeus pop3[5437]: login: SERVER[192.168.247.241]
hbeatty
> > > > plaintext
> > > > Jan 31 13:40:35 zeus pop3[5437]: couldn't authenticate to backend
> > server: no
> > > > mechanism available
> > > > Jan 31 13:40:35 zeus pop3[5437]: couldn't authenticate to backend
server
> > > >
> > > > I get this in /var/log/imapd.log on the backend server:
> > > >
> > > > Jan 31 13:45:01 draco pop3[32718]: accepted connection
> > > > Jan 31 13:45:01 draco master[32724]: about to exec
/usr/cyrus/bin/pop3d
> > > > Jan 31 13:45:01 draco master[32688]: process 32718 exited, status 0
> > > > Jan 31 13:45:01 draco pop3[32724]: executed
> > > >
> > > > With this in mind it would seem that when using the proxy the
> > authentication
> > > > method is different somehow. Is this correct?
> > > >
> > > >
> > > >
> > >
> > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
> > > Research Systems Programmer * /usr/contributed Gatekeeper
> > >
> >
> >
> >
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456
> Research Systems Programmer * /usr/contributed Gatekeeper
>





More information about the Info-cyrus mailing list