I'm thinking that in my case this isn't necessarily a problem because the clients will not be able to reach the back end servers so all communication will have to be proxied.
Hank ----- Original Message ----- From: "Rob Siemborski" <[EMAIL PROTECTED]> To: "Ken Murchison" <[EMAIL PROTECTED]> Cc: "Hank Beatty" <[EMAIL PROTECTED]>; "Cyrus-Info" <[EMAIL PROTECTED]> Sent: Friday, January 31, 2003 4:35 PM Subject: Re: Murder and Backend Authentication > On Fri, 31 Jan 2003, Ken Murchison wrote: > > > Like Rob said, just PLAIN, which will require you to use STARTTLS, which > > is only in 2.2. That being said, since you will likely only have one or > > two proxy admins, you could just put them in sasldb2 and use DIGEST-MD5. > > This may break some clients, since they may then try to authenticate using > DIGEST-MD5 to the backend (Say, via a referral), and then get upset when > they can't. > > You really want a uniform authentication enviornment for the aggregator. > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper >