[imp] pass client ip during authentication
Arjen de Korte
arjen+horde at de-korte.org
Thu Sep 25 13:30:16 UTC 2014
Citeren Systeembeheer BCS <adje at bezoekerscentrumsonsbeek.nl>:
> Citeren Arjen de Korte <arjen+horde at de-korte.org>:
>
>> Citeren Systeembeheer BCS <adje at bezoekerscentrumsonsbeek.nl>:
>>
>>> Citeren Arjen de Korte <arjen+horde at de-korte.org>:
>>>
>>>> Citeren Systeembeheer BCS <adje at bezoekerscentrumsonsbeek.nl>:
>>>>
>>>>> Using imp for authentication with dovecot IMAP, working fine. But now I
>>>>> would like to make use of dovecot's allow_nets feature to restrict
>>>>> logins from certain ip's. To make that work, imp should pass the
>>>>> client's ip (as seen by apache) to dovecot during authentication, but
>>>>> instead it passes 127.0.0.1 for both lip and rip. Any way to change
>>>>> this?
>>>>
>>>> No. Horde doesn't pass the connecting IP to Dovecot. This is determined
>>>> by Dovecot itself, by looking at the local and remote IP for the socket
>>>> that is used for communication.
>>>
>>> Ah, thanks. Looks like I have to switch to another auth mechanism
>>> instead to get this working.
>>
>> What are you trying to accomplish? Do you want to restrict the IP's
>> from where your users can connect to Horde? In that case, a
>> .htaccess file placed in the directory where Horde lives may be
>> what you're looking for:
>
>
> Not exactly. What I try to achieve is that while all accounts should
> be accessible from machines within our lan ip range, only some
> accounts should be able to login from the outside world as well
> (coming from ip's outside our lan range). So I need to restrict
> access to accounts based upon an ip range. Dovecot's allow_nets
> feature would do just that but because all imp logins come from
> localhost instead of from the client ip, I can not use it.
Ah, now I understand. You can use the preauthenticate or
postauthenticate hooks (see horde/config/hooks.php.dist) for that.
--
This message was sent from a mailinglist subscription address.
For off-list replies, you must remove the address extension.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5849 bytes
Desc: S/MIME Signature
URL: <http://lists.horde.org/archives/imp/attachments/20140925/a2367b65/attachment.bin>
More information about the imp
mailing list