[Dovecot] how authentication works?
Mihamina Rakotomandimby
mihamina at gulfsat.mg
Mon May 17 20:38:49 EEST 2010
Manao ahoana, Hello, Bonjour,
I've read:
http://wiki.dovecot.org/Authentication/PasswordSchemes
I have a users database with clear plain passwords.
Dovecot authenticates users without problems against it.
Now, it's time to move to CRYPT scheme.
Before that, I would like to know how things happen.
He have:
- the user, (entering his password in the MUA)
- the user's MUA (Thunderbird, Outlook, Squirrelmail,...)
- the POP or IMAP server
- the users database (mySQL) with username and crypt()'d password
How I think the process is:
- the user enters his password in a clear way.
- the MUA sends the password as the user entered it to the POP or IMAP
server
- the POP or IMAP server fetches the password from the database
- the POP or IMAP server crypt()'s the user entered password
- the POP or IMAP server compares crypt()'d ones and gives his response
Am I close enough to reality? Too far?
Misaotra, Thanks, Merci.
--
Architecte Informatique chez Blueline/Gulfsat:
Administration Systeme, Recherche & Developpement
+261 3456 000 19
More information about the dovecot
mailing list