[Dovecot] CAS Authentication

de Lafond Guillaume gdelafond+dovecot at aquaray.com
Tue Oct 16 16:56:00 EEST 2012


Hi,

> Hi.I'm very sorry for the repost but I forgot the subject.
> So,  I'm 
> using dovecot 2.0.18 and I'm trying to authenticate through a CAS server
> (until now authentication was through MS Active Directory). I could not
> find anywhere some examples, so here is what i have done so far.
> -install phpcas and pam_cas
> -edit /etc/pam.d/dovecot
>                   auth    sufficient      /lib/security/pam_cas.so -simap://webmail.mydomain.com -f /etc/pam_cas.conf
> -edit
> /etc.pam_cas.conf
>                   host mycas.mydomain.com 
>                   port 443 
>                   uriValidate /cas/proxyValidate 
>                   ssl on 
>                   proxy ??????????????????????? 
>                   trusted_ca /etc/cert/certificate.pem 
>                   debug
> on
> 
> - and finally dovecot.conf which I'm sure is complety wrong
>               userdb {
>               args = /etc/dovecot/dovecot-ldap.conf
>               driver = ldap
>               }
>              passdb {
>              driver = pam
>              args = cache_key=%u dovecot
>              }


Could you try with "failure_show_msg=yes" on passdb args ?
You can try without the "proxy" line in pam_cas.conf and a static userdb with allow_all_users=yes (in place of ldap configuration).

Hope this can help.

You have some logs in /var/log/auth.log (depends of your distrib).

-- 
Guillaume de Lafond
Aqua Ray



More information about the dovecot mailing list