Timo Sirainen a écrit :
On Jun 12, 2009, at 9:45 AM, Geoffroy Desvernay wrote:
For a single webmail connection per login, it work, thanks to cache_key using client's IP.
But for multiple use of the same login in the webmail, there are more than one 'password' valid at a time…
What may be the 'correct' solution:
The only usable solution I see is to disable negative auth caching and use this patch from v1.2: http://hg.dovecot.org/dovecot-1.2/rev/8a23ab43132a
Thank you !
I compiled 1.1.16 with this patch (applied manually).
If I understand what it does (I'm not sure at all), It just allow disabling negative caching of wrong passwords, but it doesn't allow to cache multiple passwords for one 'cache_key', am I right ?
In my test-case, this patch allows the webmail to work, getting a new ticket for each IMAP connection (1 login failure then login success with a new ticket) in case of concurrent connections with a same login. (the last who clicks kicks out others from the cache)
I think dovecot understands this as a 'password change', and this behaviour seems correct for all but this case :(
How difficult would it be to keep cached more than one password by key ?
-- *Geoffroy Desvernay* C.R.I - Administration systèmes et réseaux Ecole Centrale de Marseille Tel: (+33|0)4 91 05 45 24 Fax: (+33|0)4 91 05 45 98 dgeo@centrale-marseille.fr