[Dovecot] Auth caching and password changes
Angel L. Mateo
amateo at um.es
Mon Oct 22 13:58:10 EEST 2012
El 19/10/12 14:38, Angel L. Mateo escribió:
> Hello,
>
> In my system I have configured auth caching. The problem I have is
> that whenever a user changes his password, he/she can't login to dovecot
> after a while and the scenarios described at
> http://wiki2.dovecot.org/Authentication/Caching are not applied.
>
> I have tried also with "doveadm auth cache flush <login>", but it
> didn't work. He also could to login again if he waits for a time or if I
> run "doveadm auth cache flush" in the server, flushing all auth
> information from cache.
>
> I have attached the log I had when I changed my password (and
> suffered the problem). I have attached my doveconf -n too.
>
I think I have found part of the problem. My problem is that my
authentication chain is first try by ldap (for normal clients
authentication), and if it failed, then try with pam_cas (for webmail
accesses with SSO).
My change password application forms part of webmail, which also uses
an imapproxy, so when I change the password, automatically seems to
enter in the "Early change scenario" (I still haven't found the concrete
reason for this).
But I have tried to manually change the password in my ldap servers,
and it works fine.
So my point is that something related with this authentication chain
provokes this scenario.
My question now is there any way to configure authentication so a
mechanism is only use when connections coming from a set of IPs?
--
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868889150
Fax: 868888337
More information about the dovecot
mailing list