multiple authentication methods?

[Igor Brezac]

On Thu, 25 Aug 2005, Tim Strobell (Contractor) wrote:

> > > We need to support Kerberos credentials directly from the clients; pam_krb5
> > > only proxies the username and passwords to the KDC for authentication.
> >
> > I use gssapi authentication with Mutt against Cyrus using the actual
> > Kerberos credentials, so it would seem to work.
>
> Of course -- but can Cyrus be configured to support _both_ Kerberos
> (credentials authenticated via GSSAPI) and LDAP (via saslauthd)?  Some users
> will use Kerberos credentials, others may use username/password which we will
> look up in LDAP.  (It is not necessarily the case that all users will have
> corresponding Kerberos credentials, else pam_krb5 would be appropriate.)

I have not done this, but it should be possible.  You can setup 
ldapdb/auxprop or saslauthd/ldap (or both) and make sure to offer gssapi 
mechanism.

-- 
Igor