On 29-Oct-04, at 5:50 PM, Ken Murchison wrote:
Patrick Gibson wrote:
I'm pretty new to SASL, so this business of old and new secrets is a bit foreign to me. Given that this is a fresh setup, is there a way for me to force the server to assume that all old secrets have been upgraded to the new? Is this what the "sasl_auto_transition" option is for?
Not currently. It might make sense to add an option to SASL which disables lookup of old secrets. Before I started looking into this however, I'd really like to know what, if any, the performance hit making two auxprop queries really is.
My guess is that the performance hit would typically be pretty marginal. I'm just thinking a bit into the future when there could be several hundred mail logins happening at the same time while the server is also serving dynamic web sites, etc, and wanting to make sure the mail server is using only as many resources as it really needs to. I guess for now I'll just live with a redundant query for every login...
Keep in mind that its only redundant because you've hard-coded the property in your SELECT statement. The SASL mechs are actually requesting two properties, but your SELECT statement isn't using the %p variable, so every property gets mapped to PASSWORD.
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
