[horde] alternate_login / redirect_on_logut in horde using IMAP
auth not (application->imp->imap)
cpickert at t3inc.us
cpickert at t3inc.us
Sat May 15 18:01:15 PDT 2004
Hello guys,
I'm using the get_login.php and a super-tiny HTML login that gives GET vars
(hacked to add strtolower() and $vhost = preg_replace('|^www\.|i', '',
strtolower(getenv('HTTP_HOST')) in order to get the @domain.tld to
courier-imap) w/ the newest CVS->HEAD and 'full' in my hordeauth inside IMPs
servers.php.
I've looked into the hooks and realize they do very similar things to above,
yet do it from auth(imap)->horde(pref) and vice versa(as well as the
String::lower to aid in case ubiquity), not actually changing user input in
their login to add their current virtual host. There's a ''security breach'' by
handing auth data via GET (although it's SSL) the custom_login.php that POSTS
to imp/redirect.php doesn't allow me to get the @domain.tld in without hacking
redirect.php and breaking CVS sync.
So thats the background, what I'm wondering is that with IMP as the auth
handler via 'application', you can define ['user']['alternate_login'] and
['user']['redirect_on_logout'] to URLs to my custom login page, which works
great with IMP as the authhandler. I've tried defining them in the conf.php of
horde but it doesn't do the trick. Also, I have to set the vars to false in
IMPs conf.php or the hordeauth->full doesn't work right...
Trying to hunt down a way.. Please post up your suggestions and reflections..
It's confusing, I know but, it makes a helluva lotta sense for massive virtual
hosts using courier-imap .. Maybe there's better ways, and I've tried others in
the past. Just doing my best, help where you can!
Thanks to all!
-- Chris Pickert
More information about the horde
mailing list