SASL PLAIN method and proxy authentication for IMAP
|Reported by:||andi||Owned by:|
Description (last modified by alec)
To make #1486689 work, roundcube needs a way to connect to the Imap server w/o knowing the users password. This can be implemented by using SASLs proxy authentication feature, which allows the use of a fixed id and password for authentication but tells the server to act on behalf of the actual user.
Unfortunately rc only implemented CRAM-MD5 and plain imap login, neither of which supports proxy authentication. Moreover, the "PLAIN" mechanism meant to fall back to plain imap login (which is not the same as the SASL LOGIN mechanism btw.) and "AUTH" means CRAM-MD5,
- implemented SASL-PLAIN for IMAP.
- the config setting imap_auth_method = 'PLAIN' now actually means SASL-PLAIN, not LOGIN. This should not be a problem though because there is a fallback to LOGIN authentication when SASL-PLAIN is not available. Using LOGIN will use plain imap login.
- imap_auth_authcid and imap_auth_authcpw can be used to specify the autentication identity to use.