Welcome! Log In Create A New Profile

Advanced

Authorization identity for IMAP proxy

Sylvain Amrani
December 17, 2019 05:08AM
Hi list,

IMAP servers (dovecot, cyrus...) rely on SASL authentication.

The SASL specs let the client requests a different identity than the one
used for authentication.

RFC 3501 says : The authorization identity passed from the client to the
server during the authentication exchange is interpreted by the server as
the user name whose privileges the client is requesting.

Dovecot proxy and Cyrus frontends in murder architecture use this to
authenticate with an admin account and request a user identity. It's very
useful to authenticate via proxies without to know the user's password.

Is there a way to let NGINX use different identification and authentication
ids to authenticate to the remote imap server ? I can't figure out what to
put in the AUTH-* headers to do that.

Regards,
Sam
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Authorization identity for IMAP proxy

Sylvain Amrani December 17, 2019 05:08AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 106
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready