[Dovecot] Testing EXTERNAL AUTHENTICATION

Timo Sirainen tss at iki.fi
Wed Mar 17 00:47:45 EET 2010


And you also tested the external with the {PLAIN} too, right? Well, maybe it also wants nopassword=y extra field. See http://wiki.dovecot.org/AuthDatabase/PasswdFile how to add it. Maybe I should add {ANY} or something that makes "accept any password" easy..

On 17.3.2010, at 0.41, Stephen Feyrer wrote:

> Hi.
> 
> It didn't work.  I tried first with {EXTERNAL} and then with {PLAIN} the result below was the same in both cases.
> 
> ---
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=EXTERNAL] Dovecot ready.
> a LOGIN username-from-cert ""
> a NO [ALERT] Unsupported authentication mechanism.
> DONE
> 
> --
> Thanks
> 
> Stephen Feyrer
> 
> On Tue, 16 Mar 2010 22:12:11 -0000, Timo Sirainen <tss at iki.fi> wrote:
> 
>> On 17.3.2010, at 0.04, Stephen Feyrer wrote:
>> 
>>> The tests using SASL and SASL-IR in Thunderbird both fail to authenticate.  I have tried using openssl s_client with the same result.  I've run the auth command in three ways just to be sure I got the second example right.  I even checked to make sure I've spelt my name right and the case of the letters.
>> 
>> EXTERNAL auth works only if this this also works:
>> 
>> a LOGIN username-from-cert ""
>> 
>> i.e. login with empty password.
>> 
>>> passdb:
>>>   driver: passwd-file
>>>   args: /opt/etc/dovecot/passwd
>>> userdb:
>>>   driver: passwd
>>> 
>>> /opt/etc/dovecot/passwd
>>> Stephen:{EXTERNAL}
>> 
>> So try {PLAIN} here.
>> 
>> 
> 



More information about the dovecot mailing list