[imp] Horde/IMP with kerberos5

Tobias Drewry tdrewry at bu.edu
Tue Jul 15 14:25:57 UTC 2008


This sounds like a Kerberos problem rather then a Horde problem.

At BU we use Kerberos authentication for nearly all web based access.
Our system is setup with a centralized Kerberos authentication server
and then clients generate access tickets with authentication to the
Kerberos server within a scope -- i.e. to access webmail, the web login
interface is told to generate a ticket for the requesting client in the 
scope of e-mail.

The reason I mention this is not that I think our methodology is going
to be useful for you to know, rather I mention it so you realize what kind 
of information you'll need to supply for anyone to be able to assist in 
debugging the problem.

------------------------------------------------------------------
Tobias Drewry                                         617-353-8282
Analyst/Consultant III                              tdrewry at bu.edu
Boston University                         Central Consulting Group
------------------------------------------------------------------

On Tue, 15 Jul 2008, Martin Podworny wrote:

> Hi,
>
> since a couple of days i tried to integrate Horde3/IMP4 in our
> Kerberos5-infrastructure. The webmailer should connect to a Cyrus imapd
> (all installed on a Debian 4.0/Etch), which authenticate imapuser with
> help of saslauthd. Sasl in turn use GSSAPI/Kerberos as authentication
> mechanism. With this setup, it is possible to login (thunderbird or
> imtest).
>
> In Horde i configured the following:
>
> Administration->Authentication->What backend should we use for
> authenticating users to Horde->Kerberos authentication
>
> After setting this and install php-extension for krb5, it is possible
> to logon with a valid credential. But how can i switch with this
> credential, which is validated from hordeauth, to IMP? I tried it with
> the following in /etc/horde3/imp4/server.php
>
> $servers['cyrus'] = array(
>    'name' => 'IMAP Server',
>    'server' => 'host.domain.de',
>    'hordeauth' => true,
>    'protocol' => 'imap/notls',
>    'port' => 143,
>    'maildomain' => 'domain.de',
>    'smtphost' => 'smtphost.domain.de',
>    'smtpport' => 25,
>    'realm' => '',
>    'preferred'
> ...
> }
>
> Login to horde succeeded, but if i click on "Mail" it appear "Login
> failed". The logfile horde.log says this:
>
> Jul 15 14:56:16 HORDE [notice] [horde] Login success for imapuser
> [NNN.NN.NN.NN] to Horde [on line 90 of "/usr/share/horde3/login.php"]
> Jul 15 14:56:19 HORDE [error] [imp] FAILED LOGIN NNN.NN.NN.NN to
> host.domain.de:143[imap/notls] as imapuser [on line 258 of
> "/usr/share/horde3/imp/lib/Auth/imp.php"]
>
> Have anyone a hint? Thank you very much,
>
> Martin
> --
> Universität zu Köln :: Universitäts- und Stadtbibliothek
> IT-Dienste
> Universitätsstr. 33 :: D-50931 Köln
> Tel.: +49 221 470-3330 :: Fax: +49 221 470-5166
> podworny at ub.uni-koeln.de :: www.ub.uni-koeln.de
> -- 
> IMP mailing list - Join the hunt: http://horde.org/bounties/#imp
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>
>


More information about the imp mailing list