[sork] Passwd backends

[Peter Borg (General)]

Sorry, I should have been clearer; I'd already used the existing preferences
to disable the ability to change the username / select the backend. I'd
mentioned it to demonstrate that therefore my modification for full username
purposes was specific to that situation.

Re: hooks; yup, I'd considered this and even tried it, but having previously
searched around for information on this issue (and a related one, more on
that in a few days), I'd realised that I wasn't alone in this requirement,
and that it's quite a common one.

The thing that led me to suggest this modification, rather than just hacking
my own installation and keeping quiet, was that there is a similar setting
in imp/config/servers.php - 'hordeauth' - which I have used for my
particular installation.

It seemed strange that this setting existed in imp but not in passwd. After
setting it in imp I went looking for it in passwd and was surprised not to
find it. Therefore I thought it might be good to provide a similar setting
in passwd.

I would suggest that it is not an uncommon requirement; I suspect that
Horde/Imp is used as a webmail solution in many virtual hosting environments
where the full user & domain name is required for authentication and
authorisation. The ability to change a password in the webmail environment
is probably incredibly desirable in many such situations, as typically the
user interface for password changes is a separate one provided by the
hosting software, and in my experience is absolutely dreadful!

Peter.

-----Original Message-----
From: sork-bounces at lists.horde.org [mailto:sork-bounces at lists.horde.org] On
Behalf Of Eric Rostetter
Sent: 27 January 2005 22:09
To: sork at lists.horde.org
Subject: Re: [sork] Passwd backends

Quoting "Peter Borg (horde)" <horde at peter-b.org>:

> I've recently installed Horde 3 and the various modules that are 
> immediately available for it.
> 
> In addition, because it's an essential tool for my users, I've picked 
> up the HEAD release of passwd from CVS to use it - seems to work fine for
me!

Great!

> However, I had to modify it to be able to use it successfully as my 
> various

Are you sure?

> authentications require the full username (Auth::getAuth) as opposed 
> to the domain-stripped username (Auth::getBareAuth).

Isn't there a hook in it just for this purpose?

> I don't want users to be able
> to enter the username for which they want to change the password, nor 
> to select the back-end.

Are not these configuration options?

> I was considering submitting a patch for this, but the modification 
> I've made wouldn't necessarily suit everyone. Reviewing the options, I 
> was wondering what people's views are on this.

I've not looked at the code recently, but I thought all those changes were
already there as configuration options.  If not, I'd support changes to
allow them as configuration changes.

> Clearly, there's a need for a
> parameter to control which type of username is presented to the user 
> or passed to the backend, but should this be global for all backends, 
> or backend specific.

It should be a hook, so it is more flexible.

> In which case, it seems fairly trivial to add an extra property to 
> each back-end definition in backends.php; require_full_username set to 
> either true or false would seem sensible.

This has traditionally been done with hooks, and should stay that way to be
consistent with other Horde applications.

> Discuss?

Sure.
 
> (As an aside, I wasn't sure if anyone was working on passwd at the 
> moment,

Not really.  But it isn't forgotten or anything.

> so wasn't sure which version to submit a patch for. Seems foolish to 
> submit a patch to HEAD if it's being worked on!)

Always submit against HEAD.
 
> Peter.

--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
 
Why get even? Get odd!
--
Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail:
sork-unsubscribe at lists.horde.org