[Dovecot] Auth caching and password changes

Angel L. Mateo amateo at um.es
Mon Oct 22 13:58:10 EEST 2012


El 19/10/12 14:38, Angel L. Mateo escribió:
> Hello,
>
>      In my system I have configured auth caching. The problem I have is
> that whenever a user changes his password, he/she can't login to dovecot
> after a while and the scenarios described at
> http://wiki2.dovecot.org/Authentication/Caching are not applied.
>
>      I have tried also with "doveadm auth cache flush <login>", but it
> didn't work. He also could to login again if he waits for a time or if I
> run "doveadm auth cache flush" in the server, flushing all auth
> information from cache.
>
>      I have attached the log I had when I changed my password (and
> suffered the problem). I have attached my doveconf -n too.
>
	I think I have found part of the problem. My problem is that my 
authentication chain is first try by ldap (for normal clients 
authentication), and if it failed, then try with pam_cas (for webmail 
accesses with SSO).

	My change password application forms part of webmail, which also uses 
an imapproxy, so when I change the password, automatically seems to 
enter in the "Early change scenario" (I still haven't found the concrete 
reason for this).

	But I have tried to manually change the password in my ldap servers, 
and it works fine.

	So my point is that something related with this authentication chain 
provokes this scenario.

	My question now is there any way to configure authentication so a 
mechanism is only use when connections coming from a set of IPs?

-- 
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868889150
Fax: 868888337



More information about the dovecot mailing list