[horde] Different user names and passwords for Horde and IMAP

Wed Mar 13 07:47:28 UTC 2013

  Quoting Ralf Lang <lang at b1-systems.de>:

>> Is it possible to map the local users' usernames and passswords to
>> the usernames and passwords used by the IMAP server so that the
>> user won't have to login to IMP (which is impossible since they
>> don't know their IMAP passwords) after logging in to Horde?
>
> Yes. You need a hook.
>
>>  

I feared that was the answer because I've never experimented with hooks
before, and the documentation I've been able to find online seems either
dated or inconsistent. :-/

In any event, I managed to figure it out eventually. For reference, he's
how I solved it:

1. The backends include an 'imap' server, which is referenced by the hook
when the $server variable is set.

2. The horde database is augmented with a custom table mapping local
usernames to the usernames and passwords of the remote IMAP host.

3. The IMP hook looks like this (company details) removed:

class IMP_Hooks
{
    /**
     * Hook that converts preferred usernames to the
     * usernames used for the remote IMAP login.
     */
    public function preauthenticate( $userId, $credentials )
    {
        global $conf;
        require dirname( __FILE__ ) . '/../config/conf.php';
        if( ! empty( $userId ) )
        {
            // Lookup IMAP username and password for the preferred
username
            // in the custom_table that is stored in the horde
database.
            $dbhost   = $conf[ 'server' ][ 'name' ];
            $dbuser   = $conf[ 'sql' ][ 'username' ];
            $dbpasswd = $conf[ 'sql' ][ 'password' ];
            $dbname   = $conf[ 'sql' ][ 'database' ];
            $mysqli = new mysqli( "localhost", $dbuser, $dbpasswd,
$dbname );
            if( $mysqli->connect_error )
            {
                die( 'Cannot access username mapping database' );
            }
            $res = $mysqli->query( "SELECT remoteuser, remotepassword
FROM custom_table WHERE username='" . $mysqli->escape_string( $userId ) .
"'" );
            if( ! $res )
            {
                Horde::logMessage( $mysqli->error, 'ERR' );
                die( 'Cannot query username mapping database' );
            }
            $newCred = $res->fetch_assoc( );
            if( $newCred === false )
            {
                die( 'Cannot read username from database' );
            }
            $imapUserId = $newCred[ 'remoteuser' ];
            $imapPasswd = $newCred[ 'remotepassword' ];
            Horde::logMessage( "Translating login $userId to
$imapUserId", 'INF' );
            // Login with the IMAP credentials.
            $server      = 'imap';
            $credentials = array( 'server'      => $server,
                                  'transparent' => true,
                                  'password'    =>
$imapPasswd
                                  );
            return array( 'credentials' => $credentials,
                          'userId'      => $imapUserId );
        }
        return true;
    }
}
-- 
Ole Wolf
Rødhættevej 4 • 9400 Nørresundby
Telefon: 9632-0108 • Mobil: 2467-5526 • Skype: ole.wolf

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: PGP Digital Signature
URL: <http://lists.horde.org/archives/horde/attachments/20130313/fe54f142/attachment-0001.bin>