[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: saslAuthz{To|From}

> For now, I rather just try to make u.mech:user@REALM work
> reasonable well.  I don't see any good way of fixing the '@'
> problem without first fixing Cyrus SASL so as to never append
> a REALM to a userid in this fashion UNLESS the mechanism
> authentication identity format specifically supports realms
> (e.g., Kerberos).  This means that DIGEST-MD5 realms need to
> be treated as only distinguishing which authentication
> database to use, but not as means for distinguishing identities.

Got your fix; however, there's still no way to distinguish
between "<userid>@<realm>" and "userid" including a "@" char;
now we assume the realm has precedence over the fancy userid.

Needs work ...


Pierangelo Masarati