[imp] custom_login.php / auto-login to imp w/ Horde 3.0 / IMP 4.0 beta

Liam Hoekenga liamr at umich.edu
Thu Nov 4 12:56:41 PST 2004


> You probably rather want a transparent authentication driver and hordeauth
> in IMP, just like you described below.
>
> How does authenticating agains the imap server work? With the kerberos user
> from REMOTE_USER and an empty/any password?

Yes.  With IMP 3.x and my modified version of redirect.php, I've been 
doing this:

     if (!isset($_POST['imapuser'])) {
         $_POST['imapuser'] = $_SERVER['REMOTE_USER'];
         $_POST['pass'] = $_SERVER['REMOTE_USER'];
         ...

> IMP with hordauth needs a password if I'm not wrong, so you have to 
> provide some.

I made a copy of horde/lib/Horde/Auth/http.php, calling it "cosign.php" 
and did..

     function transparent()
     {
         if (!empty($_SERVER['REMOTE_USER']) &&
             !empty($_SERVER['REMOTE_USER'])) {
             $this->setAuth($_SERVER['REMOTE_USER'],
                            array('password' => $_SERVER['REMOTE_USER'],
                                  'transparent' => 1));
             return true;
         }

         $this->_setAuthError(AUTH_REASON_MESSAGE,
                 _("HTTP Authentication not found."));
         return false;
     }

Basically... the Horde username is *always* going to be the same as 
$_SERVER['REMOTE_USER'] (set by our SSO), and the password is never needed 
for IMAP authentication, so it can be set (somehow) to anything we want.

Liam


More information about the imp mailing list