Using MySQL plugin and NTLM - obscure gotcha
Dave O
cxreg at pobox.com
Fri May 23 18:48:50 EDT 2003
You could alter your MySQL query to look like this:
SELECT * FROM foo WHERE BINARY bar = 'value'
which makes the SELECT into a case-sensitive query. HTH
Dave O
On Fri, 23 May 2003, Nels Lindquist wrote:
> Okay, this one's *fun.*
>
> If by "fun" you mean "spending all afternoon trying to figure out why
> exactly Lookout Explode(tm) is behaving the way it is."
>
> Anyway, I'm using:
>
> Cyrus SASL 2.1.13 with MySQL plugin and NTLM support
> Cyrus IMAPD 2.1.13
>
> LOGIN, PLAIN, CRAM-MD5 and DIGEST-MD5 (+/- TLS) work perfectly with
> SASL2 auth tokens stored in a MySQL table. I decided to try
> recompiling SASL2 to take advantage of NTLM support, as we have a few
> users relying on MS clients.
>
> Problem: MySQL SELECT statements are case insensitive. Cyrus IMAP
> namespace is not. Clients logged into Windows with any case
> variation of their username can authenticate with NTLM. However,
> since the authentication token is passed on to IMAP completely
> unmodified, case variants of the username token other than all-
> lowercase don't map to valid IMAP namespace, and 'LIST "" "INBOX"'
> returns nothing useful.
>
> OE then tries to create an INBOX, but of course has no permission to
> do so, and the request fails.
>
> Is there some equivalent to Samba's "username level" directive that
> could be used to force the user auth token to lowercase somewhere
> along the way?
>
> Thanks for any suggestions!
>
> ----
> Nels Lindquist <*>
> Information Systems Manager
> Morningstar Air Express Inc.
>
>
>
More information about the Info-cyrus
mailing list