Murder installation: authentication hints.

[Dmitry Novosjolov]

Dear List members,

I have a murder cyrus installation with 2 backends and 3 frontends. 
I'm using sasl_pwcheck_method: auxprop in the imapd.conf (PLAIN passwords I 
think ?). My users use IMAP and SIEVE rules. 

As I understand the murder concept: imapproxyd at frontends proxies 
connections to the backends, and it authenticates incoming connections (for 
example, person1) at frontend, and then authenticates itself at the backend 
server as some other user (for example, proxy1) (which is allowed to proxy) 
and acts on behave of the user (person1).
Right ?

timsieved works in other way: it supports referrals and so it authenticates at 
the backend directly (person1), so the password for the user (person1) should 
be the same on a fronend and on backend servers.
Correct ?

In general every fronend authenticates incoming IMAP connections locally, so 
if I want to have *exactly* the same frontends I should take care of syncying 
passwords between my frontends and If I use sieve I also should sync user 
passwords on backends and fronends as well.
Correct ?


So the question is how I can achieve that ? 
Maybe I should use some other way of performing authentication which uses a 
centrilized password storage?
Please point me in right direction.



Thank you for your answers.

Dmitry.