[horde] howto to specify syncml or activesync auth driver

LALOT Dominique dom.lalot at gmail.com
Tue May 10 15:23:06 UTC 2011


2011/5/7 Michael J Rubinsky <mrubinsk at horde.org>

> LALOT Dominique <dom.lalot at gmail.com> wrote:
>
> >Hello,
> >
> >I post another mail following the composite auth driver I mentionned
> >earlier.
> >
> >For auth, we use shibboleth and it works fine. Shibboleth manage both
> >SSO
> >and identity federation. So from the client side, the brower is
> >redirected
> >to several services and at the end, apache delivers the user name to
> >Horde
> >via environnement. In fact Apache shibboleth module says, "just believe
> >me"
> >and the user is logged in and no password has been seen on the horde
> >side.
> >That works great with humans and provide SSO, a little bit more
> >complicated
> >than a CAS driver but with much more possibilities.
> >
> >But I want to use syncml or ActiveSync which were working well when my
> >auth
> >driver was imap or ldap. As the default auth handler is shibboleth,
> >devices
> >are no more able to log in. We should find a way to say rpc.php auth
> >driver is ldap or imap
> >2011-05-05T15:09:21+02:00 INFO: HORDE [horde]
> >Horde_ActiveSync_Driver_Horde::logon attempt for: lalot [pid 22677 on
> >line
> >80 of "/usr/share/php/Horde/Core/ActiveSync/Driver.php"]
> >2011-05-05T15:09:21+02:00 INFO: HORDE [horde] Access denied for user:
> >lalot.
> >Username or password incorrect. [pid 22677 on line 203 of
> >"/usr/share/php/Horde/Rpc/ActiveSync.php"]
> >In Horde3 a colleague added a code to conf.php, but we can't do that
> >with
> >Horde4
> >if (!function_exists('_horde_select_loginscreen')) {
> >    function _horde_select_loginscreen() {
> >       if (preg_match('|^/horde/rpc.php|',$_SERVER['REQUEST_URI']) ||
> >$GLOBALS['browser']->isMobile()) {
> >             return 'ldap_drv';
> >       }
> >       return 'cas_drv';
> >    }
> >}
> >Any ideas?
> >
> >Thanks
> >
> >Dom
> >--
> >Dominique LALOT
> >Ingénieur Systèmes et Réseaux
> >http://annuaire.univmed.fr/showuser.php?uid=lalot
> >--
> >Horde mailing list
> >Frequently Asked Questions: http://horde.org/faq/
> >To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>
> Sounds like a good candidate for a new config option. This could be checked
> for in the Horde_Rpc#authorize method.  This probably couldn't happen
> upstream until Horde 5 though - along with some other refactorings to pull
> some core dependencies out of Rpc.
>
> You might be able to do something locally in Horde/Rpc.php (in the
> authorize method, instantiate the auth driver you want explicitly instead of
> grabbing it via the injector).
>
>
Excuse me Mike, but I am not a pro of PHP and object programming. I don't
know how to do that. Can you show me an example that I can adapt.

Thanks

Dom



> HTH
>
> --
> Mike
> Sent from mobile
>



-- 
Dominique LALOT
Ingénieur Systèmes et Réseaux
http://annuaire.univmed.fr/showuser.php?uid=lalot


More information about the horde mailing list