Patch to force realm specifications from IMAPD

Mon Sep 29 10:26:12 EDT 2003

On Mon, 2003-09-29 at 08:17, Igor Brezac wrote:
> The cvs version of saslauthd has ldap_default_realm.

This would not fill the same function - see below.

> Why don't you hard code the realm here "uid=%U,ou=myrealm,o=LDAP"?  You
> run a separate imapd/pop3d/saslauthd/slapd instance for each domain...

Because I'll be using a single saslauthd instance to authenticate all
the imapd (et al) instances - each of those with their own "forced"
realm.  Thus, the '%r' is the determining factor here: it MUST be part
of the filter in order for the namespaces to be completely separate.

Thus, the saslauthd must be able to find users for different realms on
the same LDAP tree, and because there's no other way of telling it how
to find the users for a particular realm, this patch had to be hatched
:)

Is this clearer?  Please tell me if there is (was) an easier way of
accomplishing this.

Kerberos (and other domain-enabled mechanisms) are out of the question
at this point in time.

Best

-- 
===========================================================
* Diego Rivera                                            *
*                                                         *
* "The Disease: Windows, the cure: Linux"                 *
*                                                         *
* E-mail: lrivera<AT>racsa<DOT>co<DOT>cr                  *
* Replace: <AT>='@', <DOT>='.'                            *
*                                                         *
* GPG: BE59 5469 C696 C80D FF5C  5926 0B36 F8FF DA98 62AD *
* GPG Public Key avaliable at: http://pgp.mit.edu         *
===========================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20030929/bd4a517f/attachment.bin