[horde] httpRemote auth failed (was: ldap + performance)

Andreas Schulze sca at andreasschulze.de
Thu Jun 20 21:58:12 UTC 2013 

>> May I assume nobody really use 'httpRemote' as authentication  
>> method  for horde?
$num_user += 1

> Trace the code in Horde_Auth_Http_Remote::_authenticate().

Hello,

I have a proxyserver configured. That's why I saw no connections going  
to the webserver.
The went to the proxy :-(

After changing configuration, login was still not possible due to a  
bug in Remote.php:
# diff Horde/Auth/Http/Remote.php.orig Horde/Auth/Http/Remote.php
56c56
<         $this->_params['client']->request->password = $credentials;
---
>         $this->_params['client']->request->password =  
> $credentials['password'];

It was really not easy to identify the proxy as reason. "Fortunately"  
I had today no network connection
and horde could not resolv the proxy name.

This is the error presented to the user:
Problem with htTp://locALhost: fopen(): php_network_getaddresses:  
getaddrinfo failed: Der Name oder der Dienst ist nicht bekannt.  
fopen(htTp://locALhost): failed to open stream:  
php_network_getaddresses: getaddrinfo failed: Der Name oder der Dienst  
ist nicht bekannt

The corresponding config was:
// I use random capitalization to identify my own setting...
$conf['auth']['driver'] = 'httpRemote';
$conf['auth']['params']['url'] = 'htTp://locALhost';
$conf['http']['proxy']['proxy_host'] = 'pRoXY.example.org';

Only the dnslog gave me the hint:
2013-06-20 07:11:44.120513500 [1371705104] unbound[6743:0] query:  
fec0::10 pRoXY.example.org. A IN
2013-06-20 07:11:44.128665500 [1371705104] unbound[6743:0] query:  
fec0::10 pRoXY.example.org. AAAA IN

There is simply no other hint to the proxy. That make debugging not easier.

To solve my need using a proxy *and* using no proxy for authenticating  
via webserver
I changed Auth/Http/Remote.php:
# diff Auth/Http/Remote.php.orig  Auth/Http/Remote.php
41a42,47
>         // new option in $horde_dir/config/conf.php:  
> $conf['auth']['params']['noproxy'] = true;
>         // Proxy exceptions should better be handled in  
> Horde_Http_Request_Base or similiar
>         if (!empty($params['noproxy'])) {
>             $params['client']->request->proxyServer = null;
>         }
>

Fits for me but is no generic solution. Would be better if the proxy  
configuration could handle proxy exceptions.

Btw. The Reason I use a proxy is my horde installation started on a  
IPv6 only host.
No IPv6 readyness of some horde components is the *real* problem ...

Andreas

More information about the horde mailing list