[Tickets #12186] Re: activesync component does not username canonified by authusername() hook
noreply at bugs.horde.org
noreply at bugs.horde.org
Sat Apr 20 10:53:02 UTC 2013
BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE
E-MAIL-ADRESSE WERDEN NICHT GELESEN.
Ticket-URL: http://bugs.horde.org/ticket/12186
------------------------------------------------------------------------------
Ticket | 12186
Aktualisiert Von | enrico.scholz at sigma-chemnitz.de
Zusammenfassung | activesync component does not username canonified by
| authusername() hook
Warteschlange | Horde Base
Version | Git master
Typ | Bug
Status | Resolved
Priorität | 1. Low
Milestone |
Patch |
Zuständige | Michael Rubinsky
------------------------------------------------------------------------------
enrico.scholz at sigma-chemnitz.de (2013-04-20 10:53) hat geschrieben:
Thanks for the quick response. But the patch seems to make things
worse. Some more words about my setup:
* there are two virtualhosts 'mail.realm.org' and
'mail.other-realm.org' which access two different mailservers
'mailbox0' and 'mailbox1'.
* when user 'a' logs in on 'mail.realm.org' the authusername() hook
normalizes its name to 'a at realm.org' but authentication on 'mailbox0'
happens with plain 'a'
* similarly, user 'b' logging in on 'mail.other-realm.org' gets
canonified to 'b at other-realm.org'
There are situations where both mailbox0 and mailbox1 have accounts
for userid 'c' which is associated with two different people.
Accounts must be kept distinct hence.
Ideally, the @realm.org and @other-realm.org canonification should
happen transparently and not visible to users.
Without the patch:
* entering 'a' as its userid on a Android devices associated the
device; but it is visible to the administrator in the global
activesync device list. User 'a' does not see it in its configuration
screen.
* entering 'a at realm.org' as userid made the device visible to the user
too. But I had to wrote a preauthenticate() hook which strips the
'@realm.org' away. Without this hook, authentication to mailbox0
happens as 'a at realm.org'.
With the patch the device is not visible anymore for the last point.
More information about the bugs
mailing list