[Tickets #10617] Re: INGO Auth Generation Incorrect

bugs at horde.org bugs at horde.org
Mon Oct 10 17:44:54 UTC 2011 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/10617
------------------------------------------------------------------------------
  Ticket             | 10617
  Updated By         | mcrosson_horde at nusku.net
  Summary            | INGO Auth Generation Incorrect
  Queue              | Ingo
  Version            | 2.0.5
  Type               | Bug
  State              | Feedback
  Priority           | 2. Medium
  Milestone          |
  Patch              | 1
  Owners             |
+New Attachment     | sieve-auth-command.pl
------------------------------------------------------------------------------


mcrosson_horde at nusku.net (2011-10-10 17:44) wrote:

>> When trying to setup Ingo with my Dovecot Managesieve server I ran
>> into an authentication issue.  Ingo was always including the Horde
>> user credential when generating the base64 encoded plain
>> authentication as the first field.  I need this field to be blank in
>> order for Dovecot to properly authenticate.
>
> I don't follow. What are you talking about?
I am referring to the credential's that are passed to the Net_Sieve  
object.  Specficially always using the horde username as the effective  
user.

> That doesn't make sense, how is managesieve supposed to know for  
> which user to accept the uploaded script, if you hardcode the  
> effective user to a fixed value?
 From what I have been able to gather, the username that is used to  
authenticate is used as the effective user by Dovecot's managesieve  
server.   When authenticating against Dovecot's managesieve  
implementation the effective user needs to be set to null.  I have  
attached the perl script Dovecot provides for testing authentication.

I agree that setting the effective user to a static string or null  
does not make sense.  The intent of the patch I attached to the ticket  
was to allow the effective user to be set via  backends.local.php in  
edge cases and keeping the current behavior as the default.



mcrosson_horde at nusku.net (2011-10-10 17:44) uploaded: sieve-auth-command.pl

http://bugs.horde.org/h/services/download/?module=whups&actionID=download_file&file=sieve-auth-command.pl&ticket=10617&fn=%2Fsieve-auth-command.pl

More information about the bugs mailing list