[horde] Authorisation and virtual mail users

Jānis je at ktf.rtu.lv
Fri Feb 20 06:44:08 UTC 2015


Citēts Michael J Rubinsky <mrubinsk at horde.org>
Thu, 19 Feb 2015 16:13:22 -0500:

> Quoting Jānis <je at ktf.rtu.lv>:
>> there is the linux system with real users but for some  
>> considerations unknown to me it is of utmost importance to use  
>> virtual accounts for e-mails (postfix/dovecot/postfix-admin/mysql).
>> Currently evrth works, but the logging in twice is necessary -  
>> first - for the Horde framework, except Imp, using sys user  
>> credentials and the second - using virtual email address if one is  
>> going to read/send e-mails.
>>
>> Sys users can not be virtualized because they have huge personal homes there
>>
>> Is it possible to achieve single authorization for such strange system?
>
> If I understand your question correctly, it sounds like you are  
> using the wrong authentication backend. You should use  
> Application/IMP authentication, have the users login using the  
> virtual account credentials, and make sure you set "hordeauth" to  
> true in imp/config/backends.local.php.

So the Horde users will be 100% virtual and, for example, task list  
will belong to the virtual user at domain, not the user with sys account?

What will happen if such "beast" would want to use ssh2 backend for  
Gollem in order to access files on the system under his _system_  
account? I think this calls for the second authentification anyway,  
doesn't it?

Janis


More information about the horde mailing list