This repository was archived by the owner on Jul 2, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 12
Debugging Authentication
Timotheus Pokorra edited this page Feb 9, 2018
·
12 revisions
Users are managed in LDAP.
Authentication happens in several places:
- Kolab Webadmin
- https://cgit.kolab.org/webadmin/tree/lib/Auth/LDAP.php#n135
- https://cgit.kolab.org/webadmin/tree/lib/kolab_api_controller.php#n292
- https://cgit.kolab.org/webadmin/tree/lib/kolab_client_api.php#n103
- https://cgit.kolab.org/webadmin/tree/lib/kolab_client_task.php#n204
- https://cgit.kolab.org/webadmin/tree/lib/kolab_client_task.php#n792 login form
- Roundcube
- see https://cgit.kolab.org/roundcubemail-plugins-kolab/tree/plugins/kolab_auth/kolab_auth.php#n438
- this works against ldap directly
- and against Cyrus: https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap_generic.php#L685
- this step is like telnet to Cyrus Port 143, see below
- kolab-saslauthd for IMAP, POP3, etc
To test authentication with saslauthd:
testsaslauthd -u test.test@pokorra.de -p secret
0: OK "Success."
When developing in pykolab Auth, test the code to see syntax errors:
/usr/sbin/kolab-saslauthd -l warning --socket /run/saslauthd/mux
To test authentication via ldap:
ldapsearch -D "uid=test,ou=People,dc=kolab,dc=pokorra,dc=de" -w $pwd -b ou=People,dc=kolab,dc=pokorra,dc=de
To test authentication via cyrus:
telnet localhost 143
. login test secret
To test authentication via cyrus over port 993:
openssl s_client -connect mykolab.myserver.de:993 -CApath /etc/ssl/certs
. login test secret