multiple authentication methods?
Patrick Radtke
phr2101 at columbia.edu
Thu Aug 25 14:15:13 EDT 2005
Have you tried
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN GSSAPI
Our pine users connect useing a Kerb5 ticket.
Our other users (like Apple Mail) send us a username/password over a
secure connection.
They are then validated by saslauthd.
-Patrick
On Aug 25, 2005, at 12:42 PM, Tim Strobell ((Contractor)) wrote:
>>> We need to support Kerberos credentials directly from the
>>> clients; pam_krb5
>>> only proxies the username and passwords to the KDC for
>>> authentication.
>>>
>>
>> I use gssapi authentication with Mutt against Cyrus using the actual
>> Kerberos credentials, so it would seem to work.
>>
>
> Of course -- but can Cyrus be configured to support _both_ Kerberos
> (credentials authenticated via GSSAPI) and LDAP (via saslauthd)?
> Some users
> will use Kerberos credentials, others may use username/password
> which we will
> look up in LDAP. (It is not necessarily the case that all users
> will have
> corresponding Kerberos credentials, else pam_krb5 would be
> appropriate.)
>
> I suspect the answer is no, but I need independent verification.
>
> -Tim
>
> --
> Tim Strobell, Sr. Systems Administrator V
> 202 767 8449
> Center for Computational Science, Naval Research Lab F
> 202 404 7402
> Code 5595 (A49-32), 4555 Overlook Ave SW, Washington DC 20375
> ----
> Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
>
More information about the Info-cyrus
mailing list