Hello - thanks for the response.. As requested.. and a few other things..
/etc/httpd/conf.d/SOGo.conf
***********************************
<Location /SOGo>
AuthType Kerberos
Require valid-user
SetEnv proxy-nokeepalive 1
Allow from all
KrbAuthRealms EXAMPLE.COM
KrbServiceName HTTP/host.example....@example.com
Krb5Keytab /etc/httpd/krb5.keytab
KrbLocalUserMapping On
RewriteEngine On
RewriteRule .* - [E=SOGO_REMOTE_USER:%{REMOTE_USER}]
</Location>
ProxyRequests Off
SetEnv proxy-nokeepalive 1
ProxyPreserveHost On
ProxyPass /SOGo http://127.0.0.1:20000/SOGo retry=0
<Proxy http://127.0.0.1:20000/SOGo> [^]
RequestHeader set "x-webobjects-server-port" "80"
RequestHeader set "x-webobjects-server-name" "host"
RequestHeader set "x-webobjects-server-url" "http://host";
RequestHeader set "x-webobjects-remote-user" "%{REMOTE_USER}e"
RequestHeader set "x-webobjects-server-protocol" "HTTP/1.0"
RequestHeader set "x-webobjects-remote-host" %{REMOTE_HOST}e
env=REMOTE_HOST
AddDefaultCharset UTF-8
Order allow,deny
</Proxy>
RewriteEngine On
RewriteRule ^/SOGo/(.*)$ /SOGo/$1 [env=REMOTE_HOST:%{REMOTE_ADDR},PT]
***********************************
And actually - I got this working okay. But the problem still seems to be
that I have dovecot working with Kerberos - I can telnet into the IMAP
port using my username and password and it works just fine..
******************
[root@centos01 httpd]# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
STARTTLS AUTH=PLAIN] Dovecot ready.
. login username password
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT
CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC
ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in
***********************************
My dovecot config looks like this:
***********************************
[root@centos01 httpd]# dovecot -n
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-279.19.1.el6.x86_64 x86_64 CentOS release 6.3 (Final)
auth_debug = yes
auth_debug_passwords = yes
auth_username_format = %Lu
auth_verbose = yes
disable_plaintext_auth = no
mbox_write_locks = fcntl
passdb {
driver = pam
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
args = uid=503 gid=503 home=/home/vmail/%u
driver = static
}
***********************************
The pam_dovecot looks like this...
***********************************
[root@centos01 httpd]# cat /etc/pam.d/dovecot
#%PAM-1.0
auth sufficient pam_krb5.so no_user_check validate
account sufficient pam_permit.so
[root@centos01 httpd]#
However, when I log into SOGo, then I get the error in my
/var/log/maillog.
Jan 10 16:19:45 centos01 dovecot: auth: Debug: pam(user,127.0.0.1): lookup
service=dovecot
Any ideas?
Thanks -
Chris
From: Khapare Joshi <khapar...@gmail.com>
To: users@sogo.nu
Date: 01/10/2013 02:29 PM
Subject: Re: [SOGo] authentication with kerberos
can you share how did you configure sogo with kerberos ?
On Thu, Jan 10, 2013 at 8:03 PM, <cmsch...@rockwellcollins.com> wrote:
Is there anyway for SOGO to authenticate with UPPERCASE domain names? I
was
having issues with Dovecot with LDAP, so i configured it with Kerberos,
which
works great. However, when SOGO passes the authentication piece to
Dovecot, it
uses a lowercase domain name..
i.e.
u...@example.com
instead of
u...@example.com for kerberos to work.
Any insight?
Thanks -
Chris
CentOS release 6.3 (Final) 2.6.32-279.19.1.el6.x86_64
sogo-2.0.3a-1.centos6.x86_64
postfix-2.6.6-2.2.el6_1.x86_64
dovecot-2.0.9-2.el6_1.1.x86_64
--
users@sogo.nu
https://inverse.ca/sogo/lists
--
users@sogo.nu
https://inverse.ca/sogo/lists
