[Dovecot] auth_cache multiple passwords ?

Geoffroy Desvernay dgeo at centrale-marseille.fr
Tue Jun 16 15:06:21 EEST 2009


Timo Sirainen a écrit :
> On Jun 12, 2009, at 9:45 AM, Geoffroy Desvernay wrote:
> 
>> For a single webmail connection per login, it work, thanks to cache_key
>> using client's IP.
>>
>> But for multiple use of the same login in the webmail, there are more
>> than one 'password' valid at a time…
>>
>> What may be the 'correct' solution:
> 
> The only usable solution I see is to disable negative auth caching and
> use this patch from v1.2:
> http://hg.dovecot.org/dovecot-1.2/rev/8a23ab43132a
> 
Thank you !

I compiled 1.1.16 with this patch (applied manually).

If I understand what it does (I'm not sure at all), It just allow
disabling negative caching of wrong passwords, but it doesn't allow to
cache multiple passwords for one 'cache_key', am I right ?

In my test-case, this patch allows the webmail to work, getting a new
ticket for each IMAP connection (1 login failure then login success with
a new ticket) in case of concurrent connections with a same login. (the
last who clicks kicks out others from the cache)

I think dovecot understands this as a 'password change', and this
behaviour seems correct for all but this case :(

How difficult would it be to keep cached more than one password by key ?

-- 
*Geoffroy Desvernay*
C.R.I - Administration systèmes et réseaux
Ecole Centrale de Marseille
Tel: (+33|0)4 91 05 45 24
Fax: (+33|0)4 91 05 45 98
dgeo at centrale-marseille.fr


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20090616/27853d72/attachment.bin 


More information about the dovecot mailing list