Tom Sommer
2008-Aug-19 13:44 UTC
[Dovecot] Authentication cache, failure to login after changed password
Hi,
I have an issue with the authentication cache.
When a user changes his password, the cache doesn't seem to get flushed.
Meaning the user is unable to log in to his IMAP account after changing
his password.
Flow:
- Log into IMAP account using pass1
- Approved
- Stored in auth cache
- Change password to pass2 in MySQL
- Log into IMAP account using pass2
- Access is denied
- Restart dovecot
- Log into IMAP account using pass2
- Approved
I'd really like to continue to use the auth cache, is there any solution
to the above? perhaps a way to debug the cache and auth process? I wasn't
able to activate auth_debug without restarting Dovecot and solving the
problem.
Using version 1.1.1, MySQL userdb, with "nopassword=Y".
Maybe it's due to nopassword?
Thanks
--
Tom
Tom Sommer
2008-Aug-19 13:49 UTC
[Dovecot] Authentication cache, failure to login after changed password
On Tue, August 19, 2008 15:44, Tom Sommer wrote:> Using version 1.1.1, MySQL userdb, with "nopassword=Y". > > Maybe it's due to nopassword?Should add, this is my password_query: password_query = SELECT username as user, NULL as password, "Y" as nopassword FROM users WHERE ... Does the auth cache think the user's password is always NULL then? rendering it ineffective? nopassword requires a NULL password, so I can't really turn it off. -- Tom
Maybe Matching Threads
- auth-request.c: assertion failed: (*name != '\0')
- [LLVMdev] How to force MemoryDependenceAnalysis to run on original module
- [LLVMdev] How to force MemoryDependenceAnalysis to run on original module
- [LLVMdev] How to force MemoryDependenceAnalysis to run on original module
- help with AES_DECRYPT and password lookup - mysql password_query