Michael Ulitskiy wrote: > Hello, > > Is there a way in cyrus/sasl to transparently change user authid according to result of some sql query? > I.e. I want that if user successfully authenticates as user 'john' to transparently change his authid to user > 'jack' and so let him see user.jack as his INBOX. > After initial reading of documentation I thought I could something like the following: > > sasl_sql_select: SELECT password as userPassword, mailbox as authid FROM emails WHERE username='%u' and domain='%r' > > I can do all kind of username/domain translation within sql domain (views/stored procedures/etc) so there's no problem to > authenticate someone as someone else there, but how can I change the authid? Can it be done with Cyrus/SASL? > Thanks, > Michael, Cyrus SASL provides a canonicalization plugin hook to provide that service. The result of the canonicalization action determines what user id gets passed up to the calling application. Currently, there is only an LDAP canon_plugin, and it's only available in CVS. See 'doc/plugprog.html' in the source tree, and: https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/~checkout~/src/sasl/doc/options.html?rev=1.33;content-type=text/html for ldapdb documentation. - Dan ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
