Re: Using email address as login name
On Fri, Oct 17, 2003 at 09:35:16AM -0500, James A. Pattie wrote: > Paul Kreiner wrote: > | If you want your username to contain an '@' sign, you need to patch SASL to > | make this work, otherwise you'll get '(-13) NO User does not exist' errors or > | something (forget the message off the top of my head). This is because SASL > | internally uses the '@' character to delimit the SASL realm from the > | username, which messes up your authentication scheme. > > Where would I get this patch for SASL? This was the problem I was encountering > and reported last month and no-one mentioned having to patch SASL! Umm.. You don't. I don't know why Kreiner is making budy work for himself, but there's no reason to patch SASL to support double @ signs. Simply make the domain part of the e-mail address be the realm in your authentication method of choice. This is painfully easily ;-) in LDAP and MySQL configurations. I believe you can handle this in sasldb as well with sasl2/program.conf options. -- Joe Rhett Chief Geek [EMAIL PROTECTED] Isite Services, Inc.
Re: Using email address as login name
> | If you want your username to contain an '@' sign, you need to patch
> SASL to | make this work, otherwise you'll get '(-13) NO User does not
> exist' errors or | something (forget the message off the top of my
> head). This is because SASL | internally uses the '@' character to
> delimit the SASL realm from the | username, which messes up your
> authentication scheme.
>
> Where would I get this patch for SASL? This was the problem I was
> encountering and reported last month and no-one mentioned having to
> patch SASL!
Try the following (against cyrus-sasl-2.1.15/plugins/plugin_common.c).
You'll need to add CFLAGS="-DPKCODE" to your ./configure line, or #define
PKCODE some other way when compiling SASL. I was going to try to make it
a configurable option, but I've never done autoconf before -- and I
finally decided it wasn't worth my time to try figuring it out for this
little patch. :)
As the comment says, this will allow a username form of "[EMAIL PROTECTED]" to
work correctly. It also allows "[EMAIL PROTECTED]@realm", if anyone's setup was
crazy enough to need that to work.
--- plugin_common.c.orig 2003-02-13 12:56:05.0 -0700
+++ plugin_common.c 2003-09-22 13:48:01.0 -0600
@@ -661,7 +661,19 @@
return SASL_BADPARAM;
}
+/* PK: added the following #ifdef'd code, so if there are two or more '@' in
+ the string, it is assumed that the rightmost one specifies a realm. If
+ there's only one '@' sign, then it's assumed to be a username, NOT a
realm.+*/
+#ifdef PKCODE
+if (strchr(input, '@') == strrchr(input, '@'))
+r = NULL;
+else
+r = strrchr(input, '@');
+#else
r = strchr(input, '@');
+#endif
+
if (!r) {
/* hmmm, the user didn't specify a realm */
if(user_realm && user_realm[0]) {
Re: Using email address as login name
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Kreiner wrote: | Avtar Gill wrote: | |>Gerard Ceraso wrote: |> |>>I have seen some places where the login name for the email would be |>>[EMAIL PROTECTED] so for example if I wanted to login my login for this |>>account would be [EMAIL PROTECTED] How is this done with cyrus, I |>>tried and it didn't work. Am I missing something? Is it possible with |>>cyrus? |> |>It's possible with version 2.2, you can log in using the default domain |>that Cyrus is configured for ([EMAIL PROTECTED]) or any virtual |>domain ([EMAIL PROTECTED]). | | | If you want your username to contain an '@' sign, you need to patch SASL to | make this work, otherwise you'll get '(-13) NO User does not exist' errors or | something (forget the message off the top of my head). This is because SASL | internally uses the '@' character to delimit the SASL realm from the | username, which messes up your authentication scheme. Where would I get this patch for SASL? This was the problem I was encountering and reported last month and no-one mentioned having to patch SASL! | | I've got this exact setup running at three sites in 2.1 and 2.2, with logins | of the form '[EMAIL PROTECTED]', '[EMAIL PROTECTED]', etc. It's a | little bit of a hack, but it works for me. I definitely recommend using 2.2 | -- it makes some of the other virtual domain stuff quite a bit easier/better. | | - -- James A. Pattie [EMAIL PROTECTED] Linux -- SysAdmin / Programmer Xperience, Inc. http://www.pcxperience.com/ http://www.xperienceinc.com/ GPG Key Available at http://www.pcxperience.com/gpgkeys/james.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQE/j/4ktUXjwPIRLVERAlvzAJ9BdKGIQh+DrcDBGsKdkSw90sMBygCdGRVG KR5/O6d/yoAYMtnIT3idmWo= =aB2j -END PGP SIGNATURE- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Mailscanner thanks transtec Computers for their support.
RE: Using email address as login name
Avtar Gill wrote: >Gerard Ceraso wrote: >> I have seen some places where the login name for the email would be >> [EMAIL PROTECTED] so for example if I wanted to login my login for this >> account would be [EMAIL PROTECTED] How is this done with cyrus, I >> tried and it didn't work. Am I missing something? Is it possible with >> cyrus? > >It's possible with version 2.2, you can log in using the default domain >that Cyrus is configured for ([EMAIL PROTECTED]) or any virtual >domain ([EMAIL PROTECTED]). If you want your username to contain an '@' sign, you need to patch SASL to make this work, otherwise you'll get '(-13) NO User does not exist' errors or something (forget the message off the top of my head). This is because SASL internally uses the '@' character to delimit the SASL realm from the username, which messes up your authentication scheme. I've got this exact setup running at three sites in 2.1 and 2.2, with logins of the form '[EMAIL PROTECTED]', '[EMAIL PROTECTED]', etc. It's a little bit of a hack, but it works for me. I definitely recommend using 2.2 -- it makes some of the other virtual domain stuff quite a bit easier/better.
Re: Using email address as login name
Gerard Ceraso wrote: I have seen some places where the login name for the email would be [EMAIL PROTECTED] so for example if I wanted to login my login for this account would be [EMAIL PROTECTED] How is this done with cyrus, I tried and it didn't work. Am I missing something? Is it possible with cyrus? It's possible with version 2.2, you can log in using the default domain that Cyrus is configured for ([EMAIL PROTECTED]) or any virtual domain ([EMAIL PROTECTED]).
Re: Using email address as login name
Gerard Ceraso wrote: I have seen some places where the login name for the email would be [EMAIL PROTECTED] so for example if I wanted to login my login for this account would be [EMAIL PROTECTED] How is this done with cyrus, I tried and it didn't work. Am I missing something? Is it possible with cyrus? It's possible with version 2.2, you can log in using the default domain that Cyrus is configured for ([EMAIL PROTECTED]) or any virtual domain ([EMAIL PROTECTED]).
Using email address as login name
I have seen some places where the login name for the email would be [EMAIL PROTECTED] so for example if I wanted to login my login for this account would be [EMAIL PROTECTED] How is this done with cyrus, I tried and it didn't work. Am I missing something? Is it possible with cyrus? ~gerard http://devslash.org
