[Date Prev][Date Next] [Chronological] [Thread] [Top]

Has anyone found a workaround? SASL/LDAP

Was wondering if anyone has found a workaround for the SASL reentrancy
problem that occurs when... well, this is the situation I ran into the
first time I tried this. (about a year ago, and I wasn't using a SASL
version that shipped with saslauthd)

I want to use LDAP as a centralized user database. Trouble is, OpenLDAP 2
uses the CMU SASL Library and so does my IMAP/POP server of choice, CMU's
Cyrus. So the user goes to log in, gets authenticated against the LDAP
database using SASL, the SASL library gets called again by OpenLDAP,
and... well... it's just messy.

My plan is to use saslauthd and PAM (pam_ldap) to authenticate people to
the Cyrus server. Would using PAM avoid this problem? Previously I used a
hacked-up copy of the SASL pwcheck daemon that first checked /etc/passwd
and then LDAP - perhaps using saslauthd will eliminate the reentrancy

JustThe.net Internet & Multimedia Services
22674 Motnocab Road * Apple Valley, CA 92307-1950 
Steve Sobol, Proprietor 
888.480.4NET (4638) * 248.724.4NET * sjsobol@JustThe.net