> Hello, > > The company I work for has been using Cyrus IMAP for several years with no problems. However, due to some new security policies, we have to make some > changes in how we're authenticating. > > After reading the SASL docs and examining some of the plugin code, it appears > to me that what I need is to be able to handle the password validation for the > PLAIN and LOGIN authentication methods. For handling of external password validation, you can have a look at the NuFW project (http://www.nufw.org) In particular look at the sasl.c file code : http://nufw.org/doxygen/sasl_8c-source.html The function userdb_checkpass does the stuff : http://nufw.org/doxygen/sasl_8c-source.html#l00108 For your information, NuFW is an authenticating firewall based on Netfilter. More details on the website. > > I've looked at the plugin that implements the PLAIN method (code in plugins/plain.c), and it looks like I could modify that code into a new plugin > that will do what I need. However, I have been unable to find the code that > handles the password validation for the LOGIN auth. I have tried modifying > the LOGIN plugin in plugins/login.c, but as far as I can tell, it isn't being > used. > > I don't have any previous experience using SASL, so I admit that I may have > missed something that should have been obvious. > > Can anyone give me a suggestion on where to go from here? If possible, I'd > like to confine any coding to plugins or other external routines so that I don't have to change any of the IMAP or SASL routines. > > Any information on where the implementation of the IMAP LOGIN method in the > source would be appreciated as well. > > Thanks > Dan Ellison > > > Eric Leblond INL : http://www.inl.fr NuFW, Now User Filtering Works (http://www.nufw.org)
