[horde] horde auth suceeds, imp auth fails, user thinks he's not logged in

Craig White craigwhite at azapple.com
Wed Oct 26 17:28:08 PDT 2005


On Thu, 2005-10-27 at 00:52 +0100, alan walters wrote:
> 
> > 
> > > We're using hordeauth to log our uses into imp.  If the IMAP server is
> > down
> > > for some reason, the login to horde (via LDAP) succeeds, but the login
> > to
> > > IMAP fails.  Unfortunately, the screen that appears is misleading
> > because
> > > it says "Login failed."  and presents the user with the
> > > Username/Password/language options.  This is dangerous for us since
> > users
> > > may not realize that they have not been logged out of horde.  If a
> > second
> > > user inputs his/her information at this subsequent login screen the
> > result
> > > is person A's attributes with person B's mail.
> > > Is there any way to _force_ a horde logout if the imp login fails?
> > 
> > chuck> Why don't you just use IMP application auth?
> 
> 
> [alan walters] 
> Authentication does a lot more with ldap. Address books other apps extra. As
> you well know chuck. 
> 
> I know I would also like to see this behaviour. Either that or no access to
> an email sign whilst signed in. ie cannot login to horde as user A and ten
> login to IMP as user B. Single sign in or no access to te application.
> 
> > 
> > A number of the attributes we need are stored in LDAP, not in IMAP.  Also,
> > the
> > theoretical plan for the future is to tie webmail into some sort of single
> > signon portal.
----
There are several different examples of doing this in different ways on
wiki.horde.org 

There's a whole section on using LDAP and there's the settings
preferences per module which shows how you can derive and use LDAP
settings derived from user's IMAP login if you are using a single userid
and password for both IMAP and LDAP, it's rather simple.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the horde mailing list