Mailing List CGatePro@mail.stalker.com Message #92202
From: Thom O'Connor <thom@communigate.com>
Subject: SASL authentication with external LDAP - for SIP/XMPP/Pronto
Date: Mon, 13 Aug 2007 14:48:52 -0700
To: <cgatepro@communigate.com>
Background:
Difficulties using SASL auth "challenge-response" mechanisms with an
external LDAP directory have often been discussed here, including but
not-limited to these discussion threads on the mailing list:

  http://mail.stalker.com/Lists/CGatePro/Message/92121.html
  http://mail.stalker.com/Lists/CGatePro/Message/90954.html
  http://mail.stalker.com/Lists/CGatePro/Message/81572.html
  http://mail.stalker.com/Lists/CGatePro/Message/79431.html

(If your have been unable to authenticate via SIP, XMPP, or Pronto and
you are using an external LDAP directory - this was likely the cause of
the problem.)

Recommended Approach:
Please note that one technique to achieve SASL auth with an external
LDAP Directory is now documented at the following page, and a new
authLDAP plugin which implements it is provided there:

https://support.communigate.com/tickets/kb_article.php?ref=2272-WTXV-8661

Using this method, CommuniGate Pro can perform SASL authentication with
an external LDAP Directory - this allows for SIP, XMPP, and Pronto
(XIMSS) authentication (including Pronto SSL) via external LDAP.

(Please note: In order to use Pronto with SSL, CommuniGate Pro 5.1.12e
or later is required. For SIP and XMPP authentication, as well as Pronto
non-SSL SASL authentication, this technique should work with earlier 5.1
releases).

An example is provided there for OpenLDAP configuration.

Please review this and let us know if you have any questions.
 Sincerely,
  -thom
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster