Dragging up an old thread. On Sun, 18 Aug 2002, Henrique de Moraes Holschuh wrote:
> Well, I have been looking at lib/auth*, and at the auth_ldap patch. I want > to be able to somehow switch the auth backend Cyrus uses at runtime -- the > idea of compiling Cyrus twice to have different auth backends _really_ > doesn't sit well with me. > > Either linking them all and selecting the backend using a config option, or > using dlopen modules (if I go that way, I will be using the postfix code for > dynamic dictionaries as a template) would fix the issue. > > I prefer the config option and compile-time linkage, since it is simpler, > far less error prone, much more portable, and easier to code. Have you taken a look at auth_pts in 2.2? It basically outsources both canonicalization and group lookups to an external process, which is perhaps the overall easiest way of doing this (though I do see future versions of Cyrus/SASL making better use of canon_user SASL plugins and auxprop plugins). Currently ptloader doesn't have dynamically selectable modules, but I think thats a fairly simple matter to resolve. I also have an LDAP module working for this system, but not configurable yet (so if anyone wants to authorize using the CMU LDAP server, it'll work for them ;) I may get this done over vacation, most likely it will be early January. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
