PageViews: 93,988 hits / 585 nets
home updates download manual documents search
DeleGateIcon

Reference Manual of DeleGate

SIMPLE PLAIN
DeleGate reference manual version 9.9 / authForw
[CTX] [ALL]
AUTHFORW: -map{inPat}{localPat}{fwdPat} | -strip | -fwd
(available only in FTP and POP currently)
The "-map" prefix is used to split incoming authentication information of USER and PASS (in inPat pattern) into a pair of authentications, the one to be used locally by authServList (in localPat) and another to be forwarded to the server (in fwdPat). Each authentication information to be matched or generated is represented by a string of a pair of a user name and a password as "username:password". If the username string generated by fwdPat ends with a substring as "@Host" then it is striped and the Host is used as the destination server. The string is matched and generated by the pattern specification format common to the one used for pattern matching in the MOUNT parameter.
Example: -strip
    1A) AUTHORIZER="-map{%S@%S:%S@%S}{%(0):%(2)}{%(1):%(3)},-list{u1:p1},-pam"
    1B) AUTHORIZER="-strip,-list{u1:p1},-pam" ## equiv. to the above
    incoming auth. <-- USER user1@user2@host2 + PASS pass1@pass2
    local auth. by u1 or PAM <-- USER user1 + PASS pass1
    outgoing to the server h2 <-- USER user2 + PASS pass2
Example: -fwd
    2A) AUTHORIZER="-map{%S:%S}{%S:%S}{%S:%S},-list{u1:p1},-pam"
    2B) AUTHORIZER="-fwd,-list{u1:p1},-pam" ## equiv. to the above
Example:
    3A) AUTHORIZER="-map{%S}{%S}{},-list{u1:p1},-pam"
    3B) AUTHORIZER="-list{u1:p1},-pam" ## equiv. to the above
As shown in the above example 1), "-strip" is used to support a nested username and password as USER "u1@u2@u3@h3@h2@h1" and PASS "p1@p2@p3". It strips the first element before '@' in the USER and PASS to be used for local authentication, strips the last element after '@' in USER as the destination server, then forwards remaining string to the destination server. "-fwd" specifies to use the same USER and PASS both for the local authentication and the authentication with a server.