multiple vServers using same authentication backend ...

Marc G. Fournier scrappy at hub.org
Sat Mar 25 01:21:51 EST 2006


right now, I have a mess I'd like to figure out *some* way of cleaning up 
... just not sure the cleanest way to do it ...

right now, I have sasl setup to do authentication for imap against a 
PostgreSQL database ... works like a charm, *except* that I have >300 
databases, one per IP/vServer and growing ... considering that each auth 
table in each database contains *maybe* a half dozen users, it seems like 
a hellish amount of wasted resources ...

What I'd like to do is merge them all into one database, but, if I do 
that, then user on vServer A will be able to see vServer Bs passwords and 
such ... so, that won't work ...

Is there a simple way I can do this?

Basically, what I need to do is some sort of 'intermediary' process that 
runs on the database server, like saslauthd, that talks to the database 
and authenticates the passwd ...  but doesn't give access to look at the 
passwords ... from what I understand, I can't run saslauthd on a seperate 
machine from the imap daemons themselves, nor use it in front of a 
database backend .... so are there any other options that I'm overlooking?

Thx

----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email: scrappy at hub.org           Yahoo!: yscrappy              ICQ: 7615664


More information about the Info-cyrus mailing list