saslauthd patch for the bind-like method with SASL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello all.

I wrote an attached patch to work with the following case.
How about merge this patch to the cyrus-sasl source tree?

When you use the SASL authentication with LDAP, you specify
the attribute used as a user ID in the LDAP server configuration
(for example, sasl-regexp in OpenLDAP).

In my case, the user ID a user enters is not the attribute
specified as SASL authentication user ID: a user enters
his or her mail user name, but the LDAP server accepts
only emploee IDs for the SASL authentication (and could not
configure the LDAP server to use mail user names as SASL
authentication ID for some reasons) .

To work with the above case, my patched saslauthd authenticates
a user as following:

1. First, binds the LDAP server with ldap_id or ldap_bind_dn
2. Searches for the user object to the authenticate,
   with the ID the user entered.
3. Retrieves the attribute in the user object, which can use
   for the SASL authentication.
4. Binds with the retrieved SASL user ID and the password
   the user entered.

This works like the bind method do, but can be used with SASL.
I'm happy if I can use this feature in the upstream cyrus-sasl.

-- 
IKEDA Yasuyuki <devld@xxxxxxxxx>

Attachment: cyrus-sasl-2.1.25-saslbind.patch
Description: Binary data


[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux