[dev] Shibboleth/SSO integration

[Michael Rubinsky]

I could be wrong here, but I would image the problem is that the IMAP 
server requires the password...you could very well be authenticated to 
Horde via REMOTE_USER, but the IMAP server would know nothing about 
that...not really sure how to get around that other than storing the 
user's IMAP password somewhere within Horde, but that would kinda defeat 
the purpose...unless of course there are IMAP servers that understand 
OpenID, but I do not know enough to make an intelligent comment there....





Martin Fraser wrote:
> There doesn't seem to be an answer to the question below.
>
> I'm running into the same problem with an OpenID consumer, any ideas?
>
> Martin...
>
>
>
> Cassio Nishiguchi wrote:
>   
>> Hi,
>> I am working on developing an authentication module to integrate Horde with 
>> Shibboleth (http://shibboleth.internet2.edu), which should work basically 
>> like a single-sign-on system - by the time the user gets to Horde, he is 
>> already logged in.  Shibboleth can set the username on an HTTP header like 
>> REMOTE_USER, so I wrote a little Auth_shib class that supports transparent 
>> authentication and gets the username from the header.  However, my problem is 
>> having this work with IMP.  It seems that IMP requires a password to 
>> authenticate the user, which Shibboleth doesn't provide.  Is there any good 
>> way to get around that requirement?  Has anyone else deployed Horde/IMP 
>> behind an SSO system?  If so, how did you get the IMP login to work?
>> Any help is appreciated,
>>
>> Cassio
>>
>> __________________________
>> www.protectnetwork.org
>>
>>     
>
>
>   

-- 
Thanks,
Mike

--
The Horde Project (www.horde.org)
mrubinsk at horde.org