Abstract
Description The optional saslpasswd.conf configuration file controls which authentication backends - sasldb, sql and ldapdb auxprop plugins - the saslpasswd2 command will use to create, modify and disable authentication identities. To Cyrus SASL saslpasswd2 is like any other server that requests authentication services. The command identifies itself with the application...
Description
The optional saslpasswd.conf configuration file controls which authentication backends - sasldb, sql and ldapdb auxprop plugins - the saslpasswd2 command will use to create, modify and disable authentication identities.
To Cyrus SASL saslpasswd2 is like any other server that requests authentication services. The command identifies itself with the application name saslpasswd and libsasl searches for configuration that describes how authentication for that application should take place.
The libary will search in /usr/lib/sasl2 and then in /etc/sasl for a file named saslpasswd.conf. First match wins! If it finds a configuration file in /usr/lib/sasl2 it will not look for another one in /etc/sasl.
Example
The following configuration file /etc/sasl/saslpasswd.conf defines a MySQL server as authentication backend for saslpasswd2:
# GENERIC options pwcheck_method: auxprop auxprop_plugin: sql mech_list: plain cram-md5 digest-md5 ntlm log_level: 1 # SQL auxprop plugin options sql_engines: mysql sql_hostnames: 127.0.0.1 sql_user: sasl sql_passwd: secret sql_database: sasl sql_select: SELECT %p FROM user WHERE username = '%u' AND userrealm = '%r' sql_insert: INSERT INTO user (id, username, userrealm, %p) VALUES ('', '%u', '%r', '%v') sql_update: UPDATE user SET `%p` = '%v' WHERE username = '%u' AND userrealm = '%r'
Note
Note sql_insert and sql_update configuration settings - they tell saslpasswd2 how to write to the authentication backend.