What to do for SASL to ldap?

Gunnar Wrobel wrobel at pardus.de
Mon Apr 26 06:27:24 CEST 2010


Quoting Alexander Gran <alexg at moduleworks.com>:

> Hi,
>
> after screening crazy amounts of google results, I seem to understand that
> currently kolabs ldap can't do SASL.
> The reason is that SASL needs a clear text password from somewhere, but
> kolab just stores the SSHA password in the ldap tree. Therefore simple (non-
> sasl) authentication works, as slapd get the password, applies the salt,
> hashes and compares, but there is no way to get sasl with that working.
> In theory SASL PLAIN should work, but SASL gets confused by the stored SSHA
> hash.
> Is there any chance to get that working? Perhaps at least plain (via ssl,
> obvoiusyl)? I don't like the idea to strore clear text passwords.

As SASL is using LDAP for authentication on the Kolab server I have  
the feeling that having LDAP use SASL for authentication is difficult  
if not impossible.

I remember a discussion with a colleague about this topic and I think  
he knew how to solve that. I added him to cc but I don't know if he  
has the time to respond.

Cheers,

Gunnar

>
> regards
> Alex
>
> --
>
> Dipl. Inform. Alexander Gran, MBA
> alexg at moduleworks.com
> http://www.moduleworks.com
> SkypeID: mw_alexg
> M: +49(0)163/5598933
>
> ModuleWorks GmbH
> Ritterstraße 12a
> 52072 Aachen
> HRB 11871
> Amtsgericht Aachen
> Geschäftsführer Yavuz Murtezaoglu
>
> This message is for the designated recipient only and may contain
> privileged, proprietary, or otherwise private information.
> If you have received it in error, please notify the sender immediately
> and delete the original.
> Any other use of the email by you is prohibited.
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
______ http://kdab.com _______________ http://kolab-konsortium.com _

p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium

____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                          Bundesstrasse 29
Fax    : +49 721 1513 52322                          D-20146 Hamburg
--------------------------------------------------------------------
    >> Mail at ease - Rent a kolab groupware server at p at rdus <<
--------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.kolab.org/pipermail/users/attachments/20100426/ac9c0bd4/attachment.sig>


More information about the users mailing list