Timo Sirainen a écrit : > On Jun 12, 2009, at 9:45 AM, Geoffroy Desvernay wrote: > >> For a single webmail connection per login, it work, thanks to cache_key >> using client's IP. >> >> But for multiple use of the same login in the webmail, there are more >> than one 'password' valid at a time… >> >> What may be the 'correct' solution: > > The only usable solution I see is to disable negative auth caching and > use this patch from v1.2: > http://hg.dovecot.org/dovecot-1.2/rev/8a23ab43132a > Thank you !
I compiled 1.1.16 with this patch (applied manually). If I understand what it does (I'm not sure at all), It just allow disabling negative caching of wrong passwords, but it doesn't allow to cache multiple passwords for one 'cache_key', am I right ? In my test-case, this patch allows the webmail to work, getting a new ticket for each IMAP connection (1 login failure then login success with a new ticket) in case of concurrent connections with a same login. (the last who clicks kicks out others from the cache) I think dovecot understands this as a 'password change', and this behaviour seems correct for all but this case :( How difficult would it be to keep cached more than one password by key ? -- *Geoffroy Desvernay* C.R.I - Administration systèmes et réseaux Ecole Centrale de Marseille Tel: (+33|0)4 91 05 45 24 Fax: (+33|0)4 91 05 45 98 d...@centrale-marseille.fr
signature.asc
Description: OpenPGP digital signature
