[sork] Passwd backends
- Fredde -
nagash303 at hotmail.com
Fri Jan 28 04:19:30 PST 2005
Yep, works fine! Thanks man!
I think 2 features should be included in next version of horde-passwd.
1. config false/true for fulll user at domain username.
2. config hide/show username filed (when hide, not able to change user to
change password for)
Greets,
Fredde
>
>Fredde,
>
>I've mailed you separately with the hack I've implemented for my
>installation, as I didn't feel it was appropriate to post to the list. It
>really is just a hack at the moment, and certainly nothing like the
>functional patch I'm suggesting.
>
>However, if anyone else wants it pending the outcome of the decision
>regarding a possible patch, drop me a line.
>
>Peter.
>
>-----Original Message-----
>From: sork-bounces at lists.horde.org [mailto:sork-bounces at lists.horde.org] On
>Behalf Of - Fredde -
>Sent: 28 January 2005 09:36
>To: sork at lists.horde.org
>Subject: RE: [sork] Passwd backends
>
> > > Re: hooks; yup, I'd considered this and even tried it, but having
> >previously
> > > searched around for information on this issue (and a related one,
> > > more
> >on
> > > that in a few days), I'd realised that I wasn't alone in this
> >requirement,
> > > and that it's quite a common one.
> >
> >But the hook should solve the problem, common or not, unless I'm not
> >understanding the problem correctly.
>
>How do I use hook to include the @mydomain.com in the "username" field?
>
> > > The thing that led me to suggest this modification, rather than just
> >hacking
> > > my own installation and keeping quiet, was that there is a similar
> >setting
> > > in imp/config/servers.php - 'hordeauth' - which I have used for my
> > > particular installation.
> >
> >Yeah, and another, called realm. That doesn't mean every application
> >should have those though...
>
>Why? I think it could be a big improvement in the passwd module. As for
>now,
>I have to enable the username field to be able to use this module, and
>users
>have to remember to add the "@mydomain.com" othervise its not working
>(using
>the backend vpopmail).
>
> >I always thought of hordeauth as using the same username/password
> >credentials that Horde uses for login/authentication. Since passwd
> >doesn't do this per se - it is to change a password, not to login to
> >something - I never thought it was appropriate to use it here.
>
>See abow.
>
> >None-the-less, I'd support the addition of a hordeauth solution if it
> >was clean, to login/authenticate against the backend being used to
> >change the password. It would still need to prompt for the old and new
> >passwords (and optionally the username) separate from the hordeauth
> >though to maintain backwards compatibility (think of the case where a
> >user is changing the password for another user, ala a helpdesk).
>
>As I said, an option that include "@mydomain.com" should be great!
>
> > > It seemed strange that this setting existed in imp but not in passwd.
> >After
> >
> >The setting came along (in gollem and imp, maybe others) not that long
> >ago in Horde-years, and I think it was only put into applications to
> >avoid a double login situation. This is not really the situation in
> >passwd, as we don't consider it a double login (we consider it a security
>issue).
>
>Security issue? Cant see what diffrense including domainname or not could
>be
>an security issue?
>
> > > setting it in imp I went looking for it in passwd and was surprised
> > > not
> >to
> > > find it. Therefore I thought it might be good to provide a similar
> >setting
> > > in passwd.
> >
> >It might be. Not sure. You'd have to convince us of the merit.
>
>convinced?
>
> > > I would suggest that it is not an uncommon requirement; I suspect
> > > that Horde/Imp is used as a webmail solution in many virtual hosting
> >environments
> > > where the full user & domain name is required for authentication and
> > > authorisation.
>
>Agree!
>
> >That's why the hook was put into the sork apps that use usernames (IIRC).
> >
> > > The ability to change a password in the webmail environment is
> > > probably incredibly desirable in many such situations, as typically
> >the
> > > user interface for password changes is a separate one provided by
> > > the hosting software, and in my experience is absolutely dreadful!
> >
> >But, that doesn't mean you don't need to ask the user for a
> >username/password to use. That is a separate issue (security).
>
>Mabe, but its useless if you dont have the option to include the domain
>(even if its just included in the $userid for the username field), unvice I
>like to have lots of support issues people complaining about the passord
>cant be changed.
>
>- - -
>
>Peter, Im intrested in the patch you have, ill be happy to see it posted!
>
>- - -
>
> > > Peter.
> > >
> > > -----Original Message-----
> > > From: sork-bounces at lists.horde.org
> > > [mailto:sork-bounces at lists.horde.org]
> >On
> > > Behalf Of Eric Rostetter
> > > Sent: 27 January 2005 22:09
> > > To: sork at lists.horde.org
> > > Subject: Re: [sork] Passwd backends
> > >
> > > Quoting "Peter Borg (horde)" <horde at peter-b.org>:
> > >
> > > > I've recently installed Horde 3 and the various modules that are
> > > > immediately available for it.
> > > >
> > > > In addition, because it's an essential tool for my users, I've
> > > > picked up the HEAD release of passwd from CVS to use it - seems to
> > > > work fine
> >for
> > > me!
> > >
> > > Great!
> > >
> > > > However, I had to modify it to be able to use it successfully as
> > > > my various
> > >
> > > Are you sure?
> > >
> > > > authentications require the full username (Auth::getAuth) as
> > > > opposed to the domain-stripped username (Auth::getBareAuth).
> > >
> > > Isn't there a hook in it just for this purpose?
> > >
> > > > I don't want users to be able
> > > > to enter the username for which they want to change the password,
> > > > nor to select the back-end.
> > >
> > > Are not these configuration options?
> > >
> > > > I was considering submitting a patch for this, but the
> > > > modification I've made wouldn't necessarily suit everyone.
> > > > Reviewing the options, I was wondering what people's views are on
>this.
> > >
> > > I've not looked at the code recently, but I thought all those
> > > changes
> >were
> > > already there as configuration options. If not, I'd support changes
> > > to allow them as configuration changes.
> > >
> > > > Clearly, there's a need for a
> > > > parameter to control which type of username is presented to the
> > > > user or passed to the backend, but should this be global for all
> > > > backends, or backend specific.
> > >
> > > It should be a hook, so it is more flexible.
> > >
> > > > In which case, it seems fairly trivial to add an extra property to
> > > > each back-end definition in backends.php; require_full_username
> > > > set to either true or false would seem sensible.
> > >
> > > This has traditionally been done with hooks, and should stay that
> > > way to
> >be
> > > consistent with other Horde applications.
> > >
> > > > Discuss?
> > >
> > > Sure.
> > >
> > > > (As an aside, I wasn't sure if anyone was working on passwd at the
> > > > moment,
> > >
> > > Not really. But it isn't forgotten or anything.
> > >
> > > > so wasn't sure which version to submit a patch for. Seems foolish
> > > > to submit a patch to HEAD if it's being worked on!)
> > >
> > > Always submit against HEAD.
> > >
> > > > Peter.
> > >
> > > --
> > > Eric Rostetter
> > > The Department of Physics
> > > The University of Texas at Austin
> > >
> > > Why get even? Get odd!
> > > --
> > > Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
> > > Frequently Asked Questions: http://horde.org/faq/ To unsubscribe,
>mail:
> > > sork-unsubscribe at lists.horde.org
> > >
> > >
> > > --
> > > Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
> > > Frequently Asked Questions: http://horde.org/faq/ To unsubscribe,
> > > mail: sork-unsubscribe at lists.horde.org
> > >
> >
> >
> >--
> >Eric Rostetter
> >The Department of Physics
> >The University of Texas at Austin
> >
> >Why get even? Get odd!
> >--
> >Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
> >Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail:
> >sork-unsubscribe at lists.horde.org
>
>_________________________________________________________________
>Express yourself instantly with MSN Messenger! Download today it's FREE!
>http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>--
>Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
>Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail:
>sork-unsubscribe at lists.horde.org
>
>--
>Sork mailing list - Join the hunt: http://horde.org/bounties/#sork
>Frequently Asked Questions: http://horde.org/faq/
>To unsubscribe, mail: sork-unsubscribe at lists.horde.org
_________________________________________________________________
Don't just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
More information about the sork
mailing list