Custom Authentication Method
Aki Tuomi
aki.tuomi at open-xchange.com
Tue Mar 1 06:15:56 UTC 2022
> On 01/03/2022 03:54 Matthew R <matthew at staff.libraryofcode.org> wrote:
>
>
> Hi guys, we're using Dovecot/Postfix here for our mail system. I'd like to switch the `passdb` authentication on Dovecot from PAM over to a custom implementation. We'd prefer to have some sort of script check the password with an external IAM provider via HTTP. Is there any way we can accomplish this?
> The idea is to have Dovecot somehow call a script or send a username/password to some service, which checks the username/password against the identity provider and returns a “yes/no” back to Dovecot.
>
> `checkpassword` seems like it may work but I see no documentation on its API.
>
>
> Matthew R, AD, FSEN, FSO, FSCR
> Chief Director of Engineering & Chairman of the Board of Directors
> Library of Code sp-us
> matthew at staff.libraryofcode.org
Hi!
Your best choice is to use a Lua script, see https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/
Aki
More information about the dovecot
mailing list