On Thu, 09 Aug 2001, Marco Colombo spewed into the ether:
<snip>
> BTW, if really OpenLDAP 2 is build on SASL, you can't really get rid
> of it. You'll have an IMAPD -> LDAP -> SASL (for authentication of
> the LDAP client to the LDAP server) solution.
This is what I'm asking for. Quite a few people are looking for
something like this, from the traffic about LDAP.
<Plain Text>
The current implementation of SASL does not support remote
connectivity.
What most people are looking for is a way to connect to a remote SASL
database with minimal configuration.
The problem with the current design of imapd is that it assumes that
SASL will be available locally in some form, ignoring that it may not
be available there.
Do the pwcheck daemons provide support for this? The SASL database is
not directly available locally, so a client-server type of application
is required which can access SASL. If yes, I'll go with pwcheck or
similar, else either a server has to be hacked into SASL and a client
in the implementation (not what I like, I would be using kerberos if
that was ok), or change imapd so that hooks for other methods can be
easily added in.
</Plain Text>
I cannot make it simpler than the above.
<snip>
> Or they can be "clients" of a simple local /etc/sasldb database.
> The point being that I see no design flaw here.
My point being that it is not easy to hook these into imapd.
<snip>
> So use/write a pwcheck daemon. Or a PAM module, it that fits better.
I'll probably have to do one of these things :(.
> Still I see no reasons you should modify all SASL mechs to be LDAP
> clients instead of using one of the above methods - but you can do it.
Thats not what is being asked for.
Let me put this in another way: From my POV SASL is currently like MS
Access, great for everything on one machine, but not for much else.
What I need is a slightly more featured software, like MS-SQL server,
which can be contacted from over a network.
Hopefully, someone has already implemented this, else thats yet another
thing to be done.
Devdas Bhagat
--
Genius is pain.
-- John Lennon
