On Wed, Oct 01, 2003 at 02:24:04PM -0500, anthony mayes wrote: > We would like to implement a murder including 2 frontends and 3+ > backends in a switched (or vpn) environment. After reading the > cyrus-info archives and the documents included in the Cyrus source, we > are unclear about the authentication process between the front and the > back ends. We would like to avoid using Kerberos if at all possible > being as we do not have an existing Kerberos installation. What > authentication methods would be best suited for this environment?
The frontend authenticate to the backend as a special users, defined as the 'proxy_authname' on the frontend. The revelant part of imapd.conf on the frontend would look like : proxy_authname: proxy backend1_password: ********* backend1_mechs: DIGEST-MD5 backend2_password: ********* backend2_mechs: DIGEST-MD5 Replace 'backend1' and 'backend2' with the actual name of your backend. Also, the user specified in 'proxy_authname' must be authenticable on the backend (by auxprop, most likely, since it connect with DIGEST-MD5). A question : is the 'proxy_authname' required to be admin on the backend? Could it be just in proxyservers ? -- Etienne Goyer Linux Québec Technologies Inc. http://www.LinuxQuebec.com [EMAIL PROTECTED]
