[horde] passwd with Horde 4
Michael M Slusarz
slusarz at horde.org
Tue Jun 14 18:53:58 UTC 2011
Quoting Kareem Dana <kareem.dana at gmail.com>:
> On Fri, Jun 10, 2011 at 5:01 PM, Ralf Lang <lang at b1-systems.de> wrote:
>> Am Donnerstag, 9. Juni 2011, 20:19:17 schrieb Kareem Dana:
>> > I just saw Ralf's post, but I didn't want to hijack his thread with my
>> > passwd question. Right now I used passwd with the poppassd driver on
>> > 3 in production and am gearing up to move to Horde 4.
>> > I am using the passwd code from git which I downloaded on June 6. It
>> > but does not reset my credentials within Horde, so I have to log out and
>> > log back in. My system is setup such that Horde authenticates via Imp and
>> > Imp uses IMAP Authentication. When I change my password with passwd, it
>> > successfully changes the password but IMP keeps trying to authenticate
>> > with the old password. I understand this is unreleased code but I'm
>> > willing and able to make some code changes to get this to work.
>> > Inside passwd/lib/Passwd.php I found the function resetCredentials which
>> > calls setAuthCredential() to set the new password but that either doesn't
>> > work or is not enough to get IMP to use the new password when talking to
>> > the IMAP server. Does something else need to be called here or some
>> > IMAP sessions invalidated? Any tips would be helpful as I'm familiar with
>> > PHP but not the horde framework.
>> > Thanks,
>> > Kareem Dana
>> Hi Kareem, can you please file a bug report?
>> I am on a long weekend holiday and might forget,
>> but maybe you can patch it yourself.
>> What resetCredentials basically needs to do (but doesn't) is
>> * look if the authentication backend is Horde_Auth_Application
>> * If so, call
>> $GLOBALS['registry']->setAuthCredential('password', $new_password,
>> $GLOBALS['registry']->setAuthCredential('password', $new_password);
>> Ralf Lang
>> Linux Consultant / Developer
>> B1 Systems GmbH
>> Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
>> GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
> I submitted a bug report Ticket #10228. I added an additional comment
> because I tried what you suggested and IMP still did not authenticate with
> the new password. It didn't even try to log back into the IMAP server.
> Thanks for taking a look at it.
IMP caches its password within the Horde_Imap_Client object. It does
not use Horde credentials once a login is successful.
Changing a password mid-session is not a good idea. It will break
using something like imapproxy, for example. And AFAIK, there is no
guarantee that a password changed by the passwd module will do
something like change an IMAP password - since in most cases, the IMAP
server is entirely remote to the Horde installation. So simply
changing all current passwords in a Horde session is a Bad Idea.
Michael Slusarz [slusarz at horde.org]
More information about the horde