[Dovecot] dovecot + LDAP-SASL ?
Timo Sirainen
tss at iki.fi
Tue Aug 7 11:20:08 EEST 2007
On Tue, 2007-08-07 at 08:38 +0200, Hadmut Danisch wrote:
> Hi,
>
> just a question:
>
> I know that dovecot supports SASL authentication and supports LDAP.
> Which means that dovecot performs the SASL methods itself and stores the
> plaintext secret on LDAP.
>
> But it is also possible to have the LDAP do the SASL work and dovecot just
> pass SASL messages through? Even when the LDAP server uses a proprietary
> SASL method not supported by dovecot?
For plaintext authentication you can use authentication binds and have
the password stored on LDAP side in any way you want.
For non-plaintext authentication Dovecot needs the secret in plaintext
or some other specific format. LDAP doesn't support "SASL forwarding".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070807/e24a8859/attachment.bin
More information about the dovecot
mailing list