Ok thanks, i've never used Kerberos before, I'm gonna give it a try, to
see if it can dispatch an auth request to various backends (LDAP, SQL, ...)
Right now, Thomas Harding's idea of an openldap instance as a proxy is
just what I needed, given that all my backends are openldap servers
On 27/03/2017 17:00, cyrus-sasl-requ...@lists.andrew.cmu.edu wrote:
Re: a proxy for multiple sasl instances
Message: 1
Date: Sun, 26 Mar 2017 14:54:43 -0400
From: Giles Malet<gdma...@uwaterloo.ca>
To:cyrus-sasl@lists.andrew.cmu.edu
Subject: Re: a proxy for multiple sasl instances
Message-ID:<20170326145443.48e8f...@pikinin.baleka.xyz>
Content-Type: text/plain; charset=US-ASCII
Thomas Harding<t...@thomas-harding.name> wrote:
Why don't use an Openldap instance as proxy ?
Or what about using PAM? It's designed for exactly this "stacking". We have
saslauthd configured to talk to PAM, and then two different KRB servers stacked up. If
auth fails on one, it tries the next. You could do the same for LDAP.
g
------------------------------
Subject: Digest Footer
_______________________________________________
Cyrus-sasl mailing list
Cyrus-sasl@lists.andrew.cmu.edu
https://lists.andrew.cmu.edu/mailman/listinfo/cyrus-sasl
------------------------------
End of Cyrus-sasl Digest, Vol 137, Issue 16
*******************************************
