[horde] Horde with LDAP auth and e-mail as IMAP username

Ivajlo Karabojkov ivo at tugab.bg
Sat Aug 7 09:40:07 UTC 2021 

I just forgot to mention that I've managed to authenticate IMP by using 
its backends.php - 'hordeauth' => 'full', but in this case IMP's 
preauthenticate hook seems not working. I've used Horde's authusername 
hook where the domain part is added to the username.
I'm afraid that now Horde believes that the username is actually the 
e-mail address, but my LDAP uses only the UID attribute. I can strip the 
'@domain.com' for the Horde passwd but I'm not sure what else may go wrong.

On 06.08.2021 10:30 ч., Ivajlo Karabojkov wrote:
> Thank you very much! That worked, but with some strange behavior - 
> when the user clicks to "Mail" the login screen shows up. If the 
> ordinary username (without the domain) and the password is provided 
> everything works.
> Can I suppress the secondary login, as the username and the password 
> is already supplied?
>
> Here is my IMP preauthenticate hook:
>
>      public function preauthenticate($userId, $credentials)
>      {
>          switch ($credentials['authMethod']) {
>          case 'admin':
>              return true;
>
>          case 'authenticate':
>             // Example #1: Append the virtual domain to the username.
>             // ex. $HTTP_HOST = 'mail.mydomain.com', $userId = 
> 'myname' returns:
>             // 'myname at mydomain.com'
>             $vdomain = 'my.domain.com';
>             return array (
>                 'credentials' => $credentials,
>                 'userId' => $userId . '@' . $vdomain
>             );
>         }
>      }
>
>
>
> On 06.08.2021 00:31 ч., Michael J Rubinsky wrote:
>>
>> Quoting Ivajlo Karabojkov <ivo at tugab.bg>:
>>
>>> Hi,
>>>
>>> I'm trying to set up a Horde with LDAP authentication and user 
>>> management.
>>> Each mail domain should have its own horde configuration and users 
>>> log in with their username (cn). But the IMAP server works in 
>>> "virtual users" mode and expects as an username the e-mail address, 
>>> consisting the username (cn)+"@"+domain.com.
>>> Is it possible to configure IMP to send the whole e-mail address as 
>>> an username to the IMAP server without asking users to enter it as 
>>> username?
>>
>> Sounds like you want IMP's preauthenticate hook. See 
>> imp/config/hooks.php.dist
>>
>>
>>
>>
>>> Best regards,
>>> Ivo
>>> -- 
>>> Horde mailing list
>>> Frequently Asked Questions: http://horde.org/faq/
>>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>>
>>
>>
>>
>

More information about the horde mailing list