Re: BSD authentication username rewrite
On 12 maj 2008, at 12.08, LIVAI Daniel wrote: Could this be a help for you? http://wiki.dovecot.org/Authentication/Kerberos thanks, but that i GSSAPI-authentication - i.e. not password authentication against a kerberos realm. jakob
Re: BSD authentication username rewrite
On Monday 12 May 2008 12.01.29 you wrote: > On 12 maj 2008, at 11.43, LIVAI Daniel wrote: > > Just simply out of curiosity; why don't you use dovecot with > > virtual users in plain text passwd-file style, or even sql/ldap? > > 'cause the users are provisioned using kerberos. > > jakob Could this be a help for you? http://wiki.dovecot.org/Authentication/Kerberos Daniel -- LEVAI Daniel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
Re: BSD authentication username rewrite
On 12 maj 2008, at 11.43, LIVAI Daniel wrote: Just simply out of curiosity; why don't you use dovecot with virtual users in plain text passwd-file style, or even sql/ldap? 'cause the users are provisioned using kerberos. jakob
Re: BSD authentication username rewrite
On Monday 12 May 2008 10.09.19 you wrote: > hi, > > I have an imap server (dovecot) that can auhenticate using BSD > authentication. however, when imap server requests authenitcation for > user xyzzy, I'd like the bsd authentication layer to authenticate > user 'xyzzy/mail' (which has a separate password in kerberos). I can > see multiple solutions to this: > > 1) have dovecot rewrite the username before sending it to bsdauth > > 2) have bsdauth add /main to the username before authentication. this > might be more generic and will make it easier for other apps to use > separate password for some apps (using an option to login.conf). > > > comments and/or ideas? Just simply out of curiosity; why don't you use dovecot with virtual users in plain text passwd-file style, or even sql/ldap? Daniel -- LEVAI Daniel GPG key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
BSD authentication username rewrite
hi, I have an imap server (dovecot) that can auhenticate using BSD authentication. however, when imap server requests authenitcation for user xyzzy, I'd like the bsd authentication layer to authenticate user 'xyzzy/mail' (which has a separate password in kerberos). I can see multiple solutions to this: 1) have dovecot rewrite the username before sending it to bsdauth 2) have bsdauth add /main to the username before authentication. this might be more generic and will make it easier for other apps to use separate password for some apps (using an option to login.conf). comments and/or ideas? jakob