how to enable digestmd5 and crammd5 ?

Goetz Babin-Ebell goetz at shomitefo.de
Fri Apr 20 04:55:19 EDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dmitriy Kirhlarov schrieb:
> On Fri, Apr 20, 2007 at 09:47:07AM +0530, JOYDEEP wrote:
>> Goetz Babin-Ebell wrote:
>>> JOYDEEP schrieb:
>>>>> But I have come to know that digest-md5 and cram-md5 need sasldb. so
>>>>> here I can't use it as my users and passwords are stored in LDAP.
>>>>> any idea ?

>> I am already running SSL aka imaps. but still was interested about
>> cram-md5 and digest-md5 for secured authorization.
> 
> 1. have to store plaintext passwords in ldap directory.
> 2. ACL on ldap directory must be configured for open access to
> userPassword field for read, not only for auth.
And with that open a can of worms I don't think Joydeep want to open...

> 3. cyrus imapd must use saslauthd for authentication.
> 4. saslauthd must have access to users passwords in ldap and must have
> configured ldapdb_mech option.
So cyrus can't do plain cram-md5 / digest-md5 with LDAP
But saslauthd can.
Something new...

Bye

Goetz

- --
DMCA: The greed of the few outweights the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGKH/32iGqZUF3qPYRAhcPAJ45bQSFXw2WPWs1bsn+HxVlSiyV4ACggBf/
zPRxZjvSXJ9P1YoPQrdzUbk=
=P2TE
-----END PGP SIGNATURE-----


More information about the Info-cyrus mailing list