httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benjamin Donnachie <>
Subject Re: Module to allow authentication with sasl
Date Mon, 11 Jun 2007 22:36:58 GMT
Giuliano Gavazzi wrote:
> I read the announcement of mod_sasl_auth. I admit I haven't yet examined
> the question further, but wasn't SASL a no go for authentication because
> of apache threads?

That could explain why I couldn't find an existing mod_auth_sasl module!
 However, I'm fairly confident that the code should be thread safe
(Touch wood!) and it seems to be running fine on my server! (Touches
wood again to be on the safe side!).

> I have been running a mod_authnz_sasl I wrote, for almost eight months
> but never dared to make it public for the above concern...

I've had a quick look and I'm a bit confused why you're connecting
directly to the saslauthd socket - if you use the Cyrus-SASL server
library then you can use the option saslauthd_path: in the
/usr/lib/sasl2/SERVICE.conf file.

However, this is my first attempt at writing a Cyrus-SASL program so
there's a good chance that I've missed something.

> There are some clear differences in approach between the two. Good that
> we have chosen different names!

Like mod_auth_imap, the module I "borrowed" most of the code from, mine
just deals with bog standard plain text passwords with no groups.  By
comparison, I think yours even includes the kitchen sink! :-))))

Take care,


View raw message