search for: username_attribut

I am trying to use a newly added Local Validation functionality in dovecot version 2.3.11. I am running dovecot inside a Docker container With base image " debian:buster-slim". When I try to login through below command , a crash is seen. Algorithm Used is RS256 and certificate is self-signed. ''' a1 login admin

...tps://dovecot:7598e21b-ec34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect >>>> introspection_mode = post >>>> debug = yes >>>> rawlog_dir = /tmp/oauth2 >>>> #force_introspection = yes >>>> username_attribute = username >>>> #active_attribute = active >>>> #active_value = true >>>> tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt >>>> tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem >>>> tls_key_file = /etc/pki/dovecot/private...

...://keycloak.com/auth/realms/mail/protocol/openid-connect/token introspection_url = https://dovecot:7598e21b-ec34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect introspection_mode = post debug = yes rawlog_dir = /tmp/oauth2 #force_introspection = yes username_attribute = username #active_attribute = active #active_value = true tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem tls_key_file = /etc/pki/dovecot/private/dovecot.pem --------------- The debug log is showing now slightly different msg ex:...

...ib_save_level = 6 } dovecot-ldap-dict.conf.ext: uri = ldap://ldap.internal bind_dn = cn=Manager,dc=mail,dc=com password = XXXX tls = no debug = 1 map { pattern = last-login/$user filter = (&(mail=%{user})(objectClass=mailUser)) # the () is required base_dn = o=domains,dc=mail,dc=com username_attribute = mail value_attribute = lastLoginTime fields { mail=$user } } I don't see dovecot ever making a connection to the LDAP server I've configured in the dovecot-ldap-dict.conf.ext file. Log shows ==> /var/log/dovecot.log <== Mar 22 07:49:30 imap-login: Info: Login: user=&l...

...=Manager,dc=mail,dc=com > > password = XXXX > > tls = no > > debug = 1 > > > > map { > > pattern = last-login/$user > > filter = (&(mail=%{user})(objectClass=mailUser)) # the () is required > > base_dn = o=domains,dc=mail,dc=com > > username_attribute = mail > > value_attribute = lastLoginTime > > fields { > > mail=$user > > } > > } > > > > I don't see dovecot ever making a connection to the LDAP server I've > > configured in the dovecot-ldap-dict.conf.ext file. > > > &...

...= https://dovecot:7598e21b-ec34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect > > > introspection_mode = post > > > debug = yes > > > rawlog_dir = /tmp/oauth2 > > > #force_introspection = yes > > > username_attribute = username > > > #active_attribute = active > > > #active_value = true > > > tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt > > > tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem > > > tls_key_file = /etc/pki/dovecot/private/dove...

...34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect > >>>> introspection_mode = post > >>>> debug = yes > >>>> rawlog_dir = /tmp/oauth2 > >>>> #force_introspection = yes > >>>> username_attribute = username > >>>> #active_attribute = active > >>>> #active_value = true > >>>> tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt > >>>> tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem > >>>> tls_key_file =...

...-proxy/dovecot-oauth2.conf grant_url = https://keycloak-iam.apps.example.com/auth/realms/example/protocol/openid-connect/token use_grant_password = yes introspection_mode = post introspection_url = https://keycloak-iam.apps.example.com/auth/realms/example/protocol/openid-connect/token/introspect username_attribute = username username_format = %Lu tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt active_attribute = active active_value = true scope = email send_auth_headers = yes debug = yes rawlog_dir = /LOGS/imap/oauth2/ client_id = imap-client client_secret = 99e26b26-0f2a-4b64-8f57-c0ca2147d3a0 pa...

...uri = ldap://ldap.internal > bind_dn = cn=Manager,dc=mail,dc=com > password = XXXX > tls = no > debug = 1 > > map { > pattern = last-login/$user > filter = (&(mail=%{user})(objectClass=mailUser)) # the () is required > base_dn = o=domains,dc=mail,dc=com > username_attribute = mail > value_attribute = lastLoginTime > fields { > mail=$user > } > } > > I don't see dovecot ever making a connection to the LDAP server I've > configured in the dovecot-ldap-dict.conf.ext file. > > Log shows > > ==> /var/log/dovecot.lo...

...log/dovecot-deliver-errors.log } ------ - dovecot-oauth2.conf.ext ----- tokeninfo_url = https://my.keycloak.host/auth/realms/test_saml/protocol/openid-connect/token introspection_mode = post introspection_url = https://my.keycloak.host/auth/realms/test_saml/protocol/openid-connect/token/introspect username_attribute = email tls_ca_cert_file = /etc/letsencrypt/live/my.host/chain.pem #tls_ca_cert_file = /etc/ssl/certs/letsencrypt.pem #active_attribute = enableMail #active_value = TRUE debug =? yes rawlog_dir = /tmp/oauth2 ----- * Logs: ------- Jul 04 17:00:12 auth: Debug: oauth2(my.mail at whatever,::1,<fG...

Hi all, We'd like to enable OAuth with Keycloak in Dovecot, after enabling 'OAUTHBEARER XOAUTH2' in Dovecot based on online document, I can confirm Dovecot is ready for OAuth using openssl command, however when the auth request comes in, it failed in establishing a SSL connection with Keycloak server on port 443, shown as following in debug logs. I can confirming using commands