[Dovecot] External auth

Timo Sirainen tss at iki.fi
Thu Dec 19 23:34:35 EET 2013

On 18.12.2013, at 12.26, eechim enorniel <enorniel at gmail.com> wrote:

> I saw a lot of tutorials about setting postfix with dovecot sasl but I
> would like more.
> I want to set a SSO system with roundcube on dovecot.
> I would like to know how to make dovecot work with sasl or saml, not as a
> provider but as a service plugging on an external provider.
> I saw there is an EXTERNAL auth mechanism but I didn't find any doc about
> it.

There isn't really any standard way to do this, unless you count setting up a master password login from your webmail. Several systems have implemented their own SSO auth mechanisms that pass the token to Dovecot, which then verifies it from some external server. I was thinking about creating some semi-standard for that, but not implemented yet. And in any case it would still require some way of verifying the token from all kinds of different SSO servers, so it's not some quick task and I'm not sure if it should be something that would be even distributed with Dovecot.

More information about the dovecot mailing list