[prev in list] [next in list] [prev in thread] [next in thread]
List: cyrus-sasl
Subject: Re: Help needed with Cyrus, Sasl, Kerberos5
From: Dan White <dwhite () olp ! net>
Date: 2008-08-14 13:32:11
Message-ID: 48A433DB.5050507 () olp ! net
[Download RAW message or body]
Michael Guyver wrote:
> 2008/8/13 Dan White <dwhite@olp.net>:
>
>> Typically you would not specify a user (-a) in your GSSAPI connection.
>> Specifying a -u is asking the server to do proxy authorization, requiring
>> the identity in the ticket to exist in proxy_admins I believe, unless you're
>> providing the same identity in your -u as exists in your ticket.
>>
>
> Ah, I see. I didn't realise it was trying to do proxy-authentication,
> I thought that different -u and -a values would produce that effect.
> I'll have another go trying it without either -u or -a. Any chance you
> could elaborate on your "proxy_admins" comment, though?
>
I should have said 'proxyservers', which is a configuration item within
imapd.conf. It allows you to configure users who are allowed to proxy
auth (-u) as any other identity.
- Dan
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic