Re: https authorisation server?

[Dan Ritter]

Jeremy Ardley wrote: 
> I'm working on providing an imap proxy on my LAN gateway and it seems nginx
> module ngx_mail will do the job nicely.
> 
> The problem is the module mandates an http authorisation server.
> 
> Ideally I would run the authorisation server on my internal mail machine and
> it would use PAM or suchlike to look up mail usernames and passwords rather
> than me having to maintain separate user/password files.
> 
> What candidates are there for a standalone https authorisation server? Or a
> plug in module for an nginx instance running on the internal mail server?

The nginx wiki has a sample auth.php:

https://www.nginx.com/resources/wiki/start/topics/examples/imapauthenticatewithapachephpscript/

It has a function, auth_user, which is currently set to return
true. This is acceptable for your case, because the actual IMAP
server is going to demand its own authentication, the way you do
now (presumably). If that's dovecot, PAM is normal for it.

The real use of this call, as far as I can tell, is to
distribute users among multiple IMAP servers as backends -
either by domain or by, say, a hash of their username.

-dsr-

https authorisation server?

[Jeremy Ardley]

I'm working on providing an imap proxy on my LAN gateway and it seems 
nginx module ngx_mail will do the job nicely.


The problem is the module mandates an http authorisation server.

Ideally I would run the authorisation server on my internal mail machine 
and it would use PAM or suchlike to look up mail usernames and passwords 
rather than me having to maintain separate user/password files.


What candidates are there for a standalone https authorisation server? 
Or a plug in module for an nginx instance running on the internal mail 
server?


Thanks,

--
Jeremy



OpenPGP_signature
Description: OpenPGP digital signature