[horde] Questions on using passwd http driver
John H. Bennett III
bennettj at thebennetthome.com
Mon Jul 1 19:08:43 UTC 2013
Quoting Ralf Lang <lang at b1-systems.de>:
>> The server that I'm trying to use passwd on to change a users password
>> is same, that the user logs into, so I would think that it's already
>> trusted.
>
> This can easily be tested with a curl command against the password
> changing url. We don't need to guess.
First off, thank you for your help. Didn't state that last time. I
didn't know about testing with curl, had to do some reading. If I use
curl and try to go to the https site, I get:
curl https://www.mytestdomain.com/user-password
curl: (60) Peer certificate cannot be authenticated with known CA certificates
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
If I use the --cacert parameter, then I'm able to get to the site.
curl --cacert /etc/ssl/certs/www.mytestdomain.com.crt
https://www.thebennetthome3.com
>
>>> Out of curiosity: What kind of authentication do the website and horde
>>> use?
>>
>> The website with the password changing page, uses username. Horde also
>> uses username, but appends the realm, via a hook when loggin.. So when
>> I go to passwd, I see user at domain, which is another issue that I may
>> need to work out later.
>
> Have you tried the "horde" passwd backend?
Yes, and I didn't expect it to work. Error states, "Failure in
changing password for Horde Authentication: The current horde
configuration does not allow changing passwords."
These users don't log into a Linux shell, they are mostly Windoze
users using file sharing, webmail, and some other servers.
>
>
> --
> Ralf Lang
> Linux Consultant / Developer
> Tel.: +49-170-6381563
> Mail: lang at b1-systems.de
> B1 Systems GmbH
> Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
> GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
>
John
More information about the horde
mailing list