[Dovecot] Can Auth dict proxy protocol be used to validate a password?
I'm interested in using authentication via a UNIX socket as documented at http://wiki2.dovecot.org/AuthDatabase/Dict.
(We are currently using a checkpassword script to enable us to authenticate against a django app that stores passwords in pbkdf2 format, but I'm concerned about scalability as we grow - specifically the comment about performance on http://wiki2.dovecot.org/AuthDatabase/CheckPassword).
The example clearly shows retrieving a password, but is there some way to validate a password that was provided the way a checkpassword script does?
Otherwise, for performance reasons, perhaps we should implement a new password scheme directly for dovecot?
Thanks-
Tom
On 7.5.2014, at 6.30, Thomas Johnson <tj@terramar.net> wrote:
I'm interested in using authentication via a UNIX socket as documented at http://wiki2.dovecot.org/AuthDatabase/Dict.
(We are currently using a checkpassword script to enable us to authenticate against a django app that stores passwords in pbkdf2 format, but I'm concerned about scalability as we grow - specifically the comment about performance on http://wiki2.dovecot.org/AuthDatabase/CheckPassword).
The example clearly shows retrieving a password, but is there some way to validate a password that was provided the way a checkpassword script does?
You can make it work the same as with e.g. SQL. Don't return a password and return nopassword=y and return success only if the authentication succeeded.
participants (2)
-
Thomas Johnson
-
Timo Sirainen