[Dovecot] Authentication cache, failure to login after changed password
Timo Sirainen
tss at iki.fi
Sun May 17 22:13:55 EEST 2009
On Sun, 2009-05-17 at 21:09 +0200, Tom Sommer wrote:
> Timo Sirainen wrote:
> >> The cache seems to be faulty somehow, I wish there was a way to dump the
> >> contents of the cache to debug this, because somehow I cannot forcefully
> >> reproduce it.
> >>
> >
> > Here's a way:
> >
> > 1. Try to log in unsuccessfully.
> > 2. Change the password.
> > 3. Try to log in with the changed password -> doesn't work, because the
> > old one is still cached.
> >
> If the auth is unsuccessful (cache missmatch), the cache should then go
> for a lookup in the passdb, correct?
Only when the previous authentication was successful.
> > # TTL for negative hits (user not found). 0 disables caching them completely.
> > #auth_cache_negative_ttl = 3600
> >
> > I suppose there could be a new setting to use auth cache only for
> > successful lookups..
> >
> I don't understand why it would cache negative lookups if I set
> negative_ttl to 0, even if the setting isn't suppose to work that way
> currently, it should.
Hmm. Maybe.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090517/62c9390e/attachment.bin
More information about the dovecot
mailing list