Seriously, please get a mail programm that sends useful formats. p...@rick
* Mirko Stoffers <users@sogo.nu>: > Hi Patrick, hm, I cannot really see the problem with authorization: My SQL > database doesn't contain any authorization information at all. Or do you mean > that a saslauthdb could contain users for different purposes (say, FTP server > access) who are not authorized for SOGo? For the latter I would recommend > that the authentication is done by SASL and the authorization by the > PostgreSQL table w/o the password field. However, obviously I have to accept > that SOGo does not currently support SASL. So I keep my configuration till > SOGo comes to support it ;) Thanks Mirko -----Ursprüngliche Nachricht----- > Von: "Patrick Ben Koetter" <p...@state-of-mind.de> Gesendet: Sep 9, 2010 > 11:56:06 PM An: users@sogo.nu Betreff: Re: [SOGo] Authentication against SASL > >* Mirko Stoffers : >> Hi Patrick, thanks for your reply. Yes, I also thought > about that. However, >> I'm not sure whether postgres is really a good source > for authentication. I >> think, postgres is more designed as a relational > database than a password >> storage, whilst > the saslauthdb's only purpose is storing passwords. In >> practice, when I > insert the entries into the postgres database with "insert >> into ... > md5('...') ..." the passwords are shown on the screen in clear and >> saved > in the history file. That's why I would prefer using a password >> storage > (saslauthdb) for passwords. ;) Thanks, Mirko > >AFAIK SOGo does not support > SASL as authentication service because SOGo wants >more from such as backend > than only authentication. AFAIK SOGo wants >authorization too and that is > something SASL can't give you. > >So, to me, you are up to "use PostgreSQL > for all applications or use more than >one backend". If you want to stick > with both, but not maintain both, write a >script to generate a sasldb from > data taken from a PostgreSQL table. You could >even have a Python or Perl > listener hooked up to PostgreSQL recreating your >sasldb anytime data in the > PostgreSQL user table changes. > >p...@rick > > >> > ============================= Patrick wrote: Mirko, * m.stoff...@web.de : > > >> Hello community, for some reasons the mail I sent some hours ago did not > > >> > >> make it neither to me nor to the archive. So I assume that it got > > >> lost > >> somewhere and send it again this way. I apologize if my mail > > >> just was stuck >> > somewhere. Here is the mail again: > Hello > > >> community, > > I am currently > >> > setting up a SOGo installation for > > >> a small company. At least the mail > fu >> > nctionality is working so > > >> far for now, so that I came to setting up all > >> > the accounts. > > > > >> My exim and cyrus are configured to auth against SASL > >> > (backend: > > >> saslauthdb), whilst SOGo auths against a postgres db. > >> > > > >> Unfortunately, I didn't figure out how SOGo could auth against SASL > > >> which >> > > would save me adding each user twice. > > So my questions: > > >> Does SOGo >> > > support > SASL? What would you prefer instead? > > > > >> Thanks > > Mirko have >> > > you considered doing it the other way > > >> around using PostgreSQL as auth >> > > backend for SASL (and letting > > >> exim and cyrus SASL auth against a >> > > PostgreS > QL DB)? Something along these lines: # GENERIC options >> > > pwcheck_method: > auxprop auxprop_plugin: sql mech_list: plain login >> > > cram-md5 digest-md5 > # SQL auxprop plugin options sql_engine: pgsql >> > > sql_hostnames: > 127.0.0.1 sql_user: username sql_passwd: secret >> > > sql_database: company > sql_select: SELECT password FROM users WHERE user >> > > = ´%...@´%r´ > p...@rick -- state of mind Digitale Kommunikation >> > > > http://www.state-of-mind.de Franziskanerstraße 15 Telefon +4 >> 9 89 3090 > 4664 81669 München Telefax +49 89 3090 4666 Amtsgericht München > Partnerschaftsregister PR 563 >> > ___________________________________________________________ >> WEB.DE DSL > SOMMER-SPECIAL: Surf & Phone Flat 16.000 für >> nur 19,99 €/mtl.!* > http://produkte.web.de/go/DSL-Doppel-Flatrate/2 > >> -- >> users@sogo.nu >> > https://inverse.ca/sogo/lists > >> -- >> users@sogo.nu >> > https://inverse.ca/sogo/lists > > >-- >state of mind >Digitale Kommunikation > > >http://www.state-of-mind.de > >Franziskanerstraße 15 Telefon > +49 89 3090 4664 >81669 München Telefax +49 89 3090 4666 > >Amtsgericht > München Partnerschaftsregister PR 563 > > ___________________________________________________________ > WEB.DE DSL SOMMER-SPECIAL: Surf & Phone Flat 16.000 für > nur 19,99 €/mtl.!* http://produkte.web.de/go/DSL_Doppel_Flatrate/2 > -- > users@sogo.nu > https://inverse.ca/sogo/lists -- state of mind Digitale Kommunikation http://www.state-of-mind.de Franziskanerstraße 15 Telefon +49 89 3090 4664 81669 München Telefax +49 89 3090 4666 Amtsgericht München Partnerschaftsregister PR 563 -- users@sogo.nu https://inverse.ca/sogo/lists