Hi! I'm trying to use the openchange connector, with very promising results, so I want to thank you for the hard efforts which hopefully will be a success soon! However, what I didn't like about it the hardcoded passwords in openchange.ldb. I thought about a solution, and I guess the concept of different authentication and authorization IDs of IMAP/SASL could be useful. So openchange/sogo should authenticate with a "proxy" user, but use the "real" user as an authorization ID. This works well in the cyrus imap server. Browsing of the source code I realised, that it shouldn't be too hard to implement it:- SOPE NGImap4Client can be extended with an authorization ID member- IMAP "AUTHENTICATE" should be used instead of "LOGIN", with the PLAIN mechanism for starting- The IMAP URL has to be extended to include the authorization ID Maybe this can be extended in the future to support other SASL mechanisms, too (like GSSAPI for Kerberos)What do you think about it? Br,György-- [email protected] https://inverse.ca/sogo/lists
