[horde] use horde/imp login to restrict a non-horde webpage

Bill Graham grahamcw at hurleybulldogs.com
Thu Sep 28 21:45:55 PDT 2006


I am not an expert at horde/php - but I get the feeling you think you  
can "protect" a directory by running a single front end index.php  in  
a subdirectory using horde and the framework.
It doesn't really work that way.

You can't secure an .html element in a directory with Horde
You can't secure a .gif in a directory with horde - etc.
Access control  to the above sort of resources are handled by the web server.

For the facility you are implying, all executables  will have to participate -
each "screen" will have to be in php and will have to call something  
that will vallidate the authority.

So in essence you will have to write your own Horde application.
You might want to look at the skeleton code out on CVS

Hope that helps

Bill

Quoting Philip Goisman <goisman at physics.arizona.edu>:

> Jan Schneider <jan <at> horde.org> writes:
>
>> > Hi,
>> >
>> >    Thanks for the initial reply.  I took your response and searched
>> > on this, but
>> > found nothing - that I recognized - that would get me going further
>> > towards this
>> > goal.  So, I'd like to ask two additional questions:
>> >
>> > 1. May this webpage reside outside of the horde tree?
>>
>> Yes, as long as they share the same cookie path/domain or you use url
>> based sessions.
>>
>> > 2. Is there documentation and/or a simple example available to
>> > demonstrate your
>> > previous advice/hint?
>>
>> Something along:
>>
>> require_once 'Horde/Auth.php';
>> $user = Auth::getAuth();
>>
>> Jan.
>>
>
>
> As I'm not a php expert or even well-informed on php, I'll need more help
> than the above.  Is your jeta module a good example upon which to model
> the tool I need? I would have thought a simple single index.php file would
> have been all I would have needed to secure a page/directory.  After that,
> someone more familiar with writing php & mysql could write what they
> need to be on that page/directory.
>
> Philip
>
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>



-- 

Bill Graham
Systems Administrator
Hurley Public Schools
Hurley,SD 57036
USA
grahamcw at hurleybulldogs.com


----------------------------------------------------------------
This electronic  mail sent from Hurley Public Schools - Hurley, South Dakota
http://www.hurleybulldogs.com

NOTICE: This E-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may
be legally privileged. If you are not the intended recipient, you are hereby
notified that any retention, dissemination, distribution, or copying of this
communication is strictly prohibited. Please reply to the sender that you
have received the message in error, then delete it. Thank you.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 1375 bytes
Desc: PGP Public Key
Url : http://lists.horde.org/archives/horde/attachments/20060928/11412a77/attachment.bin


More information about the horde mailing list