On 24.9.2017 15:03, Sami Ketola wrote:
On 23 Sep 2017, at 23.08, Tapio Sokura oh2kku@iki.fi wrote: I have this kind of a dual-login setup via PAM for regular system user authentication and it's working ok. I'm just wondering about the dovecot part, whether dovecot will do Unexpected Things if more than one user have the same home and mail_location? If it makes any difference, the users can have separate homes, but the mailbox should be the same for usability.
It would break things.
Easier is just to owerwrite userid from user2 to user1 after authentication with another passdb.
Thanks, overriding the userid seems to be working fine.
After getting this to work I realized otp tokens aren't the best for use at the imap layer. The first authentication goes through fine. But on the next imap connections (parallelizing clients and typical webmails) the cached password/otp token has been used already and is rightfully rejected by the backend authentication system.
By turning on auth caching in dovecot I jury-rigged this to work (for the duration of the auth cache), but the clean solution would be something else. Anyway I think I'll settle here for now, better than a static password anyway. Thanks for the comments and keep up the good work with Dovecot!
Tapio