Hi Craig, I just wanted to say that such a 'big picture' is VERY useful. One picture says more than thousand words.
Thanks, Simon > I posted a little while ago with a graphical map of the Cyrus > authentication methods - missing the Mechanism layer completely. > I think I have a better understanding of that now, and have > updated the document appropriately. Comments would be appreciated. > > I'm about as far from an expert on Cyrus as there is, so apologies if > I'm dead wrong about something. I do think that a document like this > will be useful in showing people how things fit together, and the > various different "paths" through which Cyrus can handle > authentication/authorization . There are enough of them, after all ;-) > > Later I'd like to collect and document some common working > configurations for the wiki, if folks are OK with that. I suspect that > the majority of users, at least Linux/BSD users, will probably want to > either hook Cyrus up to their existing PAM setup or plug it directly > into an LDAP directory. (If LDAP can be used for authentication against > MS Active Directory, that's cool ... otherwise NTLM will probably be > another common config). A few starting-point configs might be very > useful here, including an end-to-end explanation of how things fit > together. I plan to write up my config here > (cyrus->sasl->saslauthd->pam->ldap) as an example to start things off. > Again, of course, this is only if it's likely to be useful and if people > think it's a good idea. > > Anyway, the updated diagram is at: > > http://www.postnewspapers.com.au/~craig/cyrus_authentication_map.pdf > http://www.postnewspapers.com.au/~craig/cyrus_authentication_map.sxd > > It's not an explanation of Cyrus's authentication on it's own, but > should be informative in combination with the existing docs. As I > personally found the hardest part about Cyrus to be figuring out how all > the various bits of the auth scheme fit together, perhaps this can help > others with that. > > Craig Ringer > >