Gollem Login option
Samuel Mota
samuel@gsw.com.br
Thu, 3 Jan 2002 12:39:43 -0200
Hello,
I needed to allow users without email accounts (that can not login at imp,
my default horde auth system) to use Gollem to access my FTP server (my
clients will use it). Then I did some changes to allow this.
But I'm not used with *nix development tools and at this time and I will not
be able to send my modifications at the correct form (any links and tips?).
Then I'm sending my modifications here with some comments
#########################################################################
CONFIG/CONF.PHP (inside the "Users Capabilities and Constraints" section)
#########################################################################
// If this is 'true' Gollem will accept login attempts from anyone
// that meets 'valid_domains' even if Gollem is not the Horde Login
// option and the user is not logged in Horde
$conf['user']['foreign_user']['allow'] = true;
// List of IPs or domain names that your foreign user must be
// if an empty array is set and allow is true all users could login at
gollem
// (preceed domain names with one dot)
#$conf['user']['foreign_user']['valid_domains'] =
array('127.0.0.1','.example.com');
#########################################################################
#########################################################################
LIB/BASE.PHP
#########################################################################
/**
* Auxiliar function used at allowForeignUser()
* Remove the ip Address form Host information
*
* @return string (only the host name)
**/
function getHost($host) {
$host=chop(@gethostbyaddr($host));
if($host){
$host_arr=explode(".", $host);
$count=count($host_arr);
if($count > 1){
if(intval($host_arr[$count-1])!=0)
$userHost=substr($host,0,strrpos($host,"."));
else
$userHost = substr(strstr($host, "."),1);
} else {
$userHost=$host;
}
} else {
$userHost="";
}
return $userHost;
}
/**
* Confirm if this user domain is allowed to access without Horde auth.
*
* @return bool
* true -> this user can login direct at gollem
* false-> this user must use Horde auth
**/
function allowForeignUser() {
global $conf; //set at conf/conf.php
if(!$conf['user']['foreign_user']['allow']) { //user must be logged in
Horde
return false;
exit;
} elseif(sizeof($conf['user']['foreign_user']['valid_domains'])==0) {
//any user can loggin direct at Gollem
return true;
exit;
} else { //we will check if the user is in an acceptable domain
$returnValue = false;
$userHost = getHost($GLOBALS['REMOTE_ADDR']);
/* Verify the list of valid domains against the user domain*/
while($domain =
each($conf['user']['foreign_user']['valid_domains'])) {
$host = getHost(gethostbyaddr($domain[1]));
if($host==$userHost) { //they meet
$returnValue = true;
break; //finish the loop
}
}
return $returnValue;
}
}
#########################################################################
One improvement that could be made is allow checking for IP addresses not
only for domains (using ip ranges)
(this function change everything to domain name and validate, this generate
a problem when your client is connected to the internet through a ISP
gateway because all ISP's clients will have the same domain)
I'll do it someday (I hope) but for now this is my solution.
Any comments?
Thanks
Samuel Mota
>From jan@horde.org Date: Thu, 3 Jan 2002 15:51:55 +0100
Return-Path: <jan@horde.org>
Mailing-List: contact dev-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list dev@lists.horde.org
Received: (qmail 5688 invoked from network); 3 Jan 2002 15:01:12 -0000
Received: from mailout10.sul.t-online.com (194.25.134.21)
by clark.horde.org with SMTP; 3 Jan 2002 15:01:12 -0000
Received: from fwd05.sul.t-online.de
by mailout10.sul.t-online.de with smtp
id 16M9Mj-0008QC-05; Thu, 03 Jan 2002 16:01:09 +0100
Received: from linux.wg.de (320034214675-0001@[217.225.46.126]) by fmrl05.sul.t-online.com
with esmtp id 16M9MU-2HKrWyC; Thu, 3 Jan 2002 16:00:54 +0100
Received: from localhost (localhost [127.0.0.1])
by linux.wg.de (8.11.0/8.11.0/SuSE Linux 8.11.0-0.4) with ESMTP id g03Ept917072
for <dev@lists.horde.org>; Thu, 3 Jan 2002 15:51:55 +0100
Received: from 192.168.60.1 ( [192.168.60.1])
as user jan@linux by linux.wg.de with HTTP;
Thu, 3 Jan 2002 15:51:55 +0100
Message-ID: <1010069515.3c34700b2e72d@linux.wg.de>
Date: Thu, 3 Jan 2002 15:51:55 +0100
From: Jan Schneider <jan@horde.org>
To: dev@lists.horde.org
References: <DJEILBHPPNCLMOPLANCHIEBBJPAA.samuel@gsw.com.br>
In-Reply-To: <DJEILBHPPNCLMOPLANCHIEBBJPAA.samuel@gsw.com.br>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 4.0-cvs
X-Sender: 320034214675-0001@t-dialin.net
Subject: Re: [dev] Gollem Login option
Chuck added a basic ip based authentication driver to the Auth:: class
recently that does almost exactly what you did.
Did you try this one? You find the driver in horde/lib/Auth/ipbasic.php.
Jan.
Zitat von Samuel Mota <samuel@gsw.com.br>:
> Hello,
>
> I needed to allow users without email accounts (that can not login at
> imp,
> my default horde auth system) to use Gollem to access my FTP server (my
> clients will use it). Then I did some changes to allow this.
> But I'm not used with *nix development tools and at this time and I will
> not
> be able to send my modifications at the correct form (any links and
> tips?).
>
> Then I'm sending my modifications here with some comments
>
> #########################################################################
> CONFIG/CONF.PHP (inside the "Users Capabilities and Constraints"
> section)
> #########################################################################
> // If this is 'true' Gollem will accept login attempts from anyone
> // that meets 'valid_domains' even if Gollem is not the Horde Login
> // option and the user is not logged in Horde
> $conf['user']['foreign_user']['allow'] = true;
> // List of IPs or domain names that your foreign user must be
> // if an empty array is set and allow is true all users could login at
> gollem
> // (preceed domain names with one dot)
> #$conf['user']['foreign_user']['valid_domains'] =
> array('127.0.0.1','.example.com');
> #########################################################################
>
> #########################################################################
> LIB/BASE.PHP
> #########################################################################
> /**
> * Auxiliar function used at allowForeignUser()
> * Remove the ip Address form Host information
> *
> * @return string (only the host name)
> **/
> function getHost($host) {
> $host=chop(@gethostbyaddr($host));
> if($host){
> $host_arr=explode(".", $host);
> $count=count($host_arr);
> if($count > 1){
> if(intval($host_arr[$count-1])!=0)
> $userHost=substr($host,0,strrpos($host,"."));
> else
> $userHost = substr(strstr($host, "."),1);
> } else {
> $userHost=$host;
> }
> } else {
> $userHost="";
> }
> return $userHost;
> }
>
> /**
> * Confirm if this user domain is allowed to access without Horde auth.
> *
> * @return bool
> * true -> this user can login direct at gollem
> * false-> this user must use Horde auth
> **/
> function allowForeignUser() {
> global $conf; //set at conf/conf.php
> if(!$conf['user']['foreign_user']['allow']) { //user must be logged
> in
> Horde
> return false;
> exit;
> } elseif(sizeof($conf['user']['foreign_user']['valid_domains'])==0)
> {
> //any user can loggin direct at Gollem
> return true;
> exit;
> } else { //we will check if the user is in an acceptable domain
> $returnValue = false;
> $userHost = getHost($GLOBALS['REMOTE_ADDR']);
> /* Verify the list of valid domains against the user domain*/
> while($domain =
> each($conf['user']['foreign_user']['valid_domains'])) {
> $host = getHost(gethostbyaddr($domain[1]));
> if($host==$userHost) { //they meet
> $returnValue = true;
> break; //finish the loop
> }
> }
> return $returnValue;
> }
> }
> #########################################################################
>
> One improvement that could be made is allow checking for IP addresses
> not
> only for domains (using ip ranges)
> (this function change everything to domain name and validate, this
> generate
> a problem when your client is connected to the internet through a ISP
> gateway because all ISP's clients will have the same domain)
> I'll do it someday (I hope) but for now this is my solution.
>
> Any comments?
>
> Thanks
>
> Samuel Mota
>
>
> --
> Horde Developers mailing list: http://horde.org/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: dev-unsubscribe@lists.horde.org
>
>
::::::::::::::::::::::::::::::::::::::::
AMMMa AG - discover your knowledge
:::::::::::::::::::::::::::
Detmolder Str. 25-33 :: D-33604 Bielefeld
fon +49.521.96878-0 :: fax +49.521.96878-20
http://www.ammma.de
::::::::::::::::::::::::::::::::::::::::::::::
>From jan@horde.org Date: Thu, 3 Jan 2002 16:23:31 +0100
Return-Path: <jan@horde.org>
Mailing-List: contact dev-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list dev@lists.horde.org
Received: (qmail 7739 invoked from network); 3 Jan 2002 15:31:11 -0000
Received: from mailout02.sul.t-online.com (194.25.134.17)
by clark.horde.org with SMTP; 3 Jan 2002 15:31:11 -0000
Received: from fwd08.sul.t-online.de
by mailout02.sul.t-online.de with smtp
id 16M9pf-0003lg-0P; Thu, 03 Jan 2002 16:31:03 +0100
Received: from linux.wg.de (320034214675-0001@[217.225.46.126]) by fmrl08.sul.t-online.com
with esmtp id 16M9pX-10CLsOC; Thu, 3 Jan 2002 16:30:55 +0100
Received: from localhost (localhost [127.0.0.1])
by linux.wg.de (8.11.0/8.11.0/SuSE Linux 8.11.0-0.4) with ESMTP id g03FNW917199
for <dev@lists.horde.org>; Thu, 3 Jan 2002 16:23:32 +0100
Received: from 192.168.60.1 ( [192.168.60.1])
as user jan@linux by linux.wg.de with HTTP;
Thu, 3 Jan 2002 16:23:31 +0100
Message-ID: <1010071411.3c347773b4b9e@linux.wg.de>
Date: Thu, 3 Jan 2002 16:23:31 +0100
From: Jan Schneider <jan@horde.org>
To: "dev@lists.horde.org" <dev@lists.horde.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 4.0-cvs
X-Sender: 320034214675-0001@t-dialin.net
Subject: parent:: $this-> and other stuff
We often use classes as packages rather than constructors like the Horde::
class for example. These package classes do also support inheritance and
the parent:: operator, but of course not the $this operator as there is no
object to be referenced.
Now I've run into a problem that perhaps someone else can fix or
workaround. Say we have these classes:
class Horde {
function foo() {
do_something();
}
function bar()
{
Horde::foo()
}
}
class Horde_sub extends Horde {
function foo() {
parent::foo();
do_something_else();
}
}
The intention is hopefully clear. When I call Horde_sub::bar() I want to
execute this chain: Horde_sub::bar() -> Horde_sub::foo() -> Horde::foo() ->
do_something() -> do_something_else()
This doesn't work of course because Horde_sub::bar() (inherited from
Horde::bar()) call Horde::foo() instead of Horde_sub::foo(). If this were
an object I would write $this->foo() in Horde::bar() and everything would
work. Can anybody think of a construct which makes this work with these
package style classes also (something like this::foo() which doesn't work
of course)?
Jan.
::::::::::::::::::::::::::::::::::::::::
AMMMa AG - discover your knowledge
:::::::::::::::::::::::::::
Detmolder Str. 25-33 :: D-33604 Bielefeld
fon +49.521.96878-0 :: fax +49.521.96878-20
http://www.ammma.de
::::::::::::::::::::::::::::::::::::::::::::::