On Tue, 2009-06-16 at 14:06 +0200, Geoffroy Desvernay wrote:
The only usable solution I see is to disable negative auth caching and use this patch from v1.2: http://hg.dovecot.org/dovecot-1.2/rev/8a23ab43132a
Thank you !
I compiled 1.1.16 with this patch (applied manually).
If I understand what it does (I'm not sure at all), It just allow disabling negative caching of wrong passwords, but it doesn't allow to cache multiple passwords for one 'cache_key', am I right ?
Right.
In my test-case, this patch allows the webmail to work, getting a new ticket for each IMAP connection (1 login failure then login success with a new ticket) in case of concurrent connections with a same login. (the last who clicks kicks out others from the cache)
I think dovecot understands this as a 'password change', and this behaviour seems correct for all but this case :(
You did set auth_cache_negative_ttl=0, right? It should have worked then, because whenever authentication from cache fails Dovecot ignores whatever is in the cache and does another passdb lookup.
How difficult would it be to keep cached more than one password by key ?
Way too difficult. But it's not necessary to get your system working.