Re: Writing custom authentication plugins for Cyrus SASL


 



I want to be able to provide the absolute path to the user's INBOX.  

I should probably share a little background information about this project.

I've got a unified messaging system (voicemail) which stores files in a Maildir-like structure.  It lends itself pretty easily to using an IMAP server to fetch messages.  Our UM client has IMAP built into it and in fact this is how it is working today with the vendor's system which we are trying to replace. 

Quite simply, there's a plain text username and password stored in the database.  I've already got a very simple C program written which is linked to libmysqlclient which connects to the database and fetches the username and password as would be presented to it if the IMAP client had sent something along the lines of:

a01 LOGIN 1234567890@xxxxxxxxxxxxxxxxxxx <password>

I know very little about Cyrus IMAP or Cyrus SASL; however, the current vendor's system uses both to do this very function.

So, if I understand the plugproc documentation correctly, I could either

A) Write an auxprop plugin to simply provide SASL with the information I have fetched and allow it to do the authentication bits

or

B) Write a server plugin to handle both.

-Daniel

On Fri, Oct 10, 2008 at 2:14 PM, Dan White <dwhite@xxxxxxx> wrote:
Daniel,

You have several options. I assume you've looked into the SQL auxprop plugin and determined that it is not sufficient for your needs.

You can write a custom auxprop plugin to retrieve your authentication information. You cannot (by design) have your auxprop plugin perform the actual authentication itself, but you can store usernames and passwords (in the clear). Auxprop plugins function like a database store.

You can write a custom saslauthd backend to perform the authentication. Saslauthd gets passed the username and password and essentially returns a yes or no to the server application. Stored passwords don't need to be in the clear and can be hashed, as long as your backend has enough knowledge to verify the submitted password against it. Using this approach limits the number of authentication mechanisms that your IMAP server can offer to clients. You won't be able to offer more complex mechanisms, such as DIGEST-MD5, that require a known shared secret.

The SQL auxprop plugin might be a good plugin to base yours on.

What information are you wanting to provide the IMAP server with regards to its location? The name of the mailbox?

- Dan


Daniel Corbe wrote:
Can you quickly give me a hint of where I need to start?

I simply want to be given a username and password, that I can do a database query and acknowledge whether it is correct or not and then provide some basic information to the IMAP server to tell it where the user's INBOX is located, etc.

Would I need to write a sasl server plugin or an auxprop plugin for this?

-Daniel

On Tue, Sep 30, 2008 at 1:28 PM, Dan White <dwhite@xxxxxxx> wrote:

   Daniel Corbe wrote:
   Hi,

   I was wondering if anyone could point me in a general direction
   of writing a custom authentication plugin for SASL so I can get
   Cyrus IMAP working off of my custom database.

   Thanks.

   -Daniel


   There is a short SASL Plugin Programmer's Guide, located in
   /doc/plugprog.html within the source.

   - Dan
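
Added example, not part of the original thread and not Cyrus SASL code: a Python model of the trade-off described in the Oct 10 reply, where a saslauthd-style backend can answer yes/no from a hashed password only when the client submits the password itself, while DIGEST-MD5 (response computed per RFC 2831, qop=auth) can only be checked by a server that holds the shared secret, as an auxprop-style cleartext store does. The account values, store dictionaries and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()

def digest_md5_response(user, realm, password, nonce, cnonce, nc, digest_uri):
    """RFC 2831 response value for qop=auth with no authzid."""
    a1 = _md5(f"{user}:{realm}:{password}".encode()) + f":{nonce}:{cnonce}".encode()
    ha1 = _md5(a1).hex()
    ha2 = _md5(f"AUTHENTICATE:{digest_uri}".encode()).hex()
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}".encode()).hex()

# Constructed sample account (not from the thread).
USER, REALM, PASSWORD = "1234567890", "example.test", "s3cret-pin"
ITERATIONS = 100_000

# Model of an auxprop-style store: the password is kept in the clear.
AUXPROP_STORE = {USER: PASSWORD}

# Model of a store behind a saslauthd-style backend: salted hash only.
_SALT = os.urandom(16)
HASHED_STORE = {
    USER: (_SALT, hashlib.pbkdf2_hmac("sha256", PASSWORD.encode(), _SALT, ITERATIONS))
}

def saslauthd_style_check(user: str, submitted_password: str) -> bool:
    """Yes/no answer; works only when the client sends the password itself."""
    entry = HASHED_STORE.get(user)
    if entry is None:
        return False
    salt, stored = entry
    candidate = hashlib.pbkdf2_hmac("sha256", submitted_password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)

def digest_check_with_cleartext(user, realm, nonce, cnonce, nc, digest_uri, response) -> bool:
    """Challenge-response check; the server must recompute from the secret."""
    secret = AUXPROP_STORE.get(user)
    if secret is None:
        return False
    expected = digest_md5_response(user, realm, secret, nonce, cnonce, nc, digest_uri)
    return hmac.compare_digest(expected, response)
```

Substituting the stored PBKDF2 hash for the password in `digest_md5_response` yields a different response than the client's, which is why a hash-only backend restricts the server to mechanisms that carry the password, and those should run over TLS.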




