Displaying 20 results from an estimated 1100 matches similar to: "dovecot oauth"
2020 Jul 08
1
Dovecot - Xoauth2 - keycloak
Hello,
Still trying to make roundcube / Dovecot works with Keycloak.
Dovecot can't seem to validate the access_token that Roundcube gave.
-----
Jul 08 20:48:05 auth: Debug: http-client[1]: request [Req1: GET
2020 Jul 05
2
dovecot oauth
> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote:
>
>
> > On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote:
> >
> >
> > Hello,
> >
> > I'm trying to configure roundcube / dovecot to work with keycloak.
> > I activated xoauth2 oauthbearer in dovecot.
> > But a problem
2019 Dec 06
4
Dovecot & OAuth
I changed some of the tls options following the document, now config is
following:
tokeninfo_url =
https://keycloak.com/auth/realms/mail/protocol/openid-connect/token
introspection_url =
https://dovecot:7598e21b-ec34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect
introspection_mode = post
debug = yes
rawlog_dir = /tmp/oauth2
#force_introspection
2019 Dec 08
2
Dovecot & OAuth
On 06/12/2019 20:54, Aki Tuomi via dovecot wrote:
> Hi!
>
> It seems there is a bug in the oauth2 driver, it loads the cert files wrong way. I'll make an internal bug report of this.
Tracking as DOP-1590.
Regards,
Stephan.
>> On 06/12/2019 16:42 mizuki <mizuki0621 at gmail.com> wrote:
>>
>>
>> Hi,
>>
>> For troubleshooting purposes, I
2019 Dec 05
2
Dovecot & OAuth
Hi all,
We'd like to enable OAuth with Keycloak in Dovecot, after enabling
'OAUTHBEARER XOAUTH2' in Dovecot based on online document, I can confirm
Dovecot is ready for OAuth using openssl command, however when the auth
request comes in, it failed in establishing a SSL connection with Keycloak
server on port 443, shown as following in debug logs. I can confirming
using commands
2019 Dec 06
0
Dovecot & OAuth
Hi!
It seems there is a bug in the oauth2 driver, it loads the cert files wrong way. I'll make an internal bug report of this.
Aki
> On 06/12/2019 16:42 mizuki <mizuki0621 at gmail.com> wrote:
>
>
> Hi,
>
> For troubleshooting purposes, I change the read/write permissions on the certs and confirmed 'dovecot' can read them w/o problem, but still seeing the
2019 Dec 10
0
Dovecot & OAuth
Thank you Stephan,
I'm wondering if I can read the track of the status of bug reports? Could
you please advice?
Thanks.
Mizuki
On Sun, Dec 8, 2019 at 6:40 AM Stephan Bosch <stephan at rename-it.nl> wrote:
>
>
> On 06/12/2019 20:54, Aki Tuomi via dovecot wrote:
> > Hi!
> >
> > It seems there is a bug in the oauth2 driver, it loads the cert files
> wrong
2020 Jul 06
0
dovecot oauth
On 5/07/20 18:46, Aki Tuomi wrote:
>> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote:
>>
>>
>>> On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote:
>>>
>>>
>>> Hello,
>>>
>>> I'm trying to configure roundcube / dovecot to work with keycloak.
>>> I
2019 Dec 05
0
Dovecot & OAuth
Before declaring it not ready for prime time, did you try setting
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
In the oauth2 configuration file as documented in https://doc.dovecot.org/configuration_manual/authentication/oauth2 ?
Aki
> On 05/12/2019 21:58 mizuki via dovecot <dovecot at dovecot.org> wrote:
>
>
> Hi all,
>
> We'd like to enable OAuth with
2020 Feb 14
0
Dovecot Proxy - Oauth2 mech add custom fields
Hi,
I have a problem with configuring dovecot passdb for Oauth2 with keyclock.
A user can access more mailbox, mailboxes are associated with the user.
When a user login with this method:
OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot ready.
a login mailbox*user password
Dovecot when requiring the grant_url send to Keyclock, for example, this post
2020 Jul 05
0
dovecot oauth
> On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote:
>
>
> Hello,
>
> I'm trying to configure roundcube / dovecot to work with keycloak.
> I activated xoauth2 oauthbearer in dovecot.
> But a problem occurs when dovecot tries to contact the keycloak server
> (logs are below).
>
> My problem looks like this one:
>
2016 Nov 21
2
kerberos | client not found
Hi,
Can someone point out what I am doing wrong here?
Background: I'm trying to make keycloak (saml) authenticate using
kerberos, and I'm getting "client not found in kerberos database". Below
are the steps I have taken.
I'm using a domain member servers machine account (server$) to add the
SPN, since keycloak is running on that member server. (for the record:
the
2024 Aug 30
1
ldapsrv_do_call: Critical extension 1.2.840.113556.1.4.2066 is not known to this server
?Hi Team,
Environment:? Samba 4.20.4 AD-DC on bookworm.
I am trying to setup password change for users as self-service in the
account-console in Keycloak (25.0.4 on Bookworm).
I have setup Keycloak user federation with writable (Active Directory)
LDAP and Kerberos and without synchronization (so there are no local
Keycloak actions, everything goes directly to Samba).
I have tested the
2017 Jan 27
4
pwdLastSet, password required to change (samba vs MSAD)
Hi,
We are using keycloak with our samba-4.4.4 AD environment. (an ldaps
client application)
Keycloak is able to ask users to change their passwords, when the
checkbox "require password change upon next logon" is set in ADUC.
However, in our environment (samba-4.4.4) keycloak simply refuses the
logons when tht checkbox is set. ("bad username or password")
RedHat
2017 Jan 27
1
pwdLastSet, password required to change (samba vs MSAD)
Hi Andrew and Rowland,
Two replies, so quickly! I'm impressed :-)
On 01/27/2017 10:47 AM, Andrew Bartlett via samba wrote:
> And a very interesting one at that. I'm glad to see someone has taken
> on some of the ADFS capability I hear folks ask for regularly.
Yes I agree, keycloak is very cool.
I have found the following samba bug report:
2019 Oct 11
1
Samba "pass" authentication to OpenID or SAML (external)
thanks,
I believe I will need to do an Adfs for this kind of authentication. I
found nothing in documented about federation service, is it possible
to do samba?
Thiago
Em sex, 11 de out de 2019 00:16, Andrew Bartlett <abartlet at samba.org>
escreveu:
> On Thu, 2019-10-10 at 21:24 -0300, Thiago Anderson Santos via samba
> wrote:
> > Hello everyone,
> > I received a
2019 Oct 11
2
Samba "pass" authentication to OpenID or SAML (external)
Hello everyone,
I received a somewhat strange and complicated demand today.
The idea of the manager is to use samba as a domain server but the
directory tree (authentication and authorization of users) is on an
external SAML server using keycloak. The samba will pass only GPO.
Is this possible?
As far as I've seen samba works the version of Windows Active Directory as
well, and I've
2021 Aug 06
3
v2.3.16 released
Hi,
One interesting thing in this release is the support for configuring OAUTH2 openid-configuration element. It would be nice if IMAP clients started supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail and a few others. This would allow all kinds of new authentication methods for IMAP and improve the authentication security in general.
2021 Aug 06
3
v2.3.16 released
Hi,
One interesting thing in this release is the support for configuring OAUTH2 openid-configuration element. It would be nice if IMAP clients started supporting this feature to enable OAUTH2 for all IMAP servers, not just Gmail and a few others. This would allow all kinds of new authentication methods for IMAP and improve the authentication security in general.
2024 Feb 09
1
Authentication using federated identity
Practically speaking, most popular IAM and SSO solutions offer OIDC SAML
tokens but do not offer Kerberos tickets.? OpenID Connect is a standard
which itself is based on RFC6749 (OAuth2). This provides a compelling
reason to support it in addition to Kerberos.? I'll also note that OIDC
tokens are easy to validate without a bidirectional trust relationship
between the IdP and RP.
SSH