Dragging up an old thread. On Sun, 18 Aug 2002, Henrique de Moraes Holschuh wrote:Well, I have been looking at lib/auth*, and at the auth_ldap patch. I want to be able to somehow switch the auth backend Cyrus uses at runtime -- the idea of compiling Cyrus twice to have different auth backends _really_ doesn't sit well with me.
auth_ldap patch? Is it available?
Can you provide me with some details on the design of this external process?Either linking them all and selecting the backend using a config option, or using dlopen modules (if I go that way, I will be using the postfix code for dynamic dictionaries as a template) would fix the issue. I prefer the config option and compile-time linkage, since it is simpler, far less error prone, much more portable, and easier to code.Have you taken a look at auth_pts in 2.2? It basically outsources both canonicalization and group lookups to an external process, which is perhaps the overall easiest way of doing this (though I do see future versions of Cyrus/SASL making better use of canon_user SASL plugins and auxprop plugins).
Let me notice the performance drawbacks that may arise with bind/unbind operations when ldap is involved.
