multiple vServers using same authentication backend ...
Marc G. Fournier
scrappy at hub.org
Sat Mar 25 01:21:51 EST 2006
right now, I have a mess I'd like to figure out *some* way of cleaning up
... just not sure the cleanest way to do it ...
right now, I have sasl setup to do authentication for imap against a
PostgreSQL database ... works like a charm, *except* that I have >300
databases, one per IP/vServer and growing ... considering that each auth
table in each database contains *maybe* a half dozen users, it seems like
a hellish amount of wasted resources ...
What I'd like to do is merge them all into one database, but, if I do
that, then user on vServer A will be able to see vServer Bs passwords and
such ... so, that won't work ...
Is there a simple way I can do this?
Basically, what I need to do is some sort of 'intermediary' process that
runs on the database server, like saslauthd, that talks to the database
and authenticates the passwd ... but doesn't give access to look at the
passwords ... from what I understand, I can't run saslauthd on a seperate
machine from the imap daemons themselves, nor use it in front of a
database backend .... so are there any other options that I'm overlooking?
Marc G. Fournier Hub.Org Networking Services (http://www.hub.org)
Email: scrappy at hub.org Yahoo!: yscrappy ICQ: 7615664
More information about the Info-cyrus