[sork] Passwd Problems - Cannot Change password, no UPDATE applied

Simon Brereton simon.brereton at dada.net
Tue Oct 20 20:14:02 UTC 2009 

Hi

I'm using Debian with Horde 3.1.3-4etch installed (imp, kronlith, turba and a few others) and sork-passwd-h3 (3.0-2).  Horde is using imp for authentication which is using IMAP.

I'm working through a few issues, but mostly everything is working.  Google has resolved most issues - but not this one, hence why I'm asking here.  In /usr/share/horde3/passwd/config/backends.php, I commented out all the backend, except the sql example.  I renamed it, and put in the user/pass and table/database/fields of my mysql database that IMAP (and Postfix) use for authenticating users.  Encryption is plain.

What happens when I click on the Password Module is this:

The page loads with the Old password prefilled (but it always seems to be 10 characters no matter if I use a user with a longer or shorter password.

When I put enter a new password that satisfies the security criteria, and click change password, the page reloads with an Error:

Failure in changing password on Postfix (the name of my SQL backend) : Incorrect Password

In horde.log
Oct 20 19:52:59 HORDE [debug] [passwd] SQL Query by Passwd_Driver_sql::_lookup(): SELECT Password FROM MailAccounts WHERE EmailAdd = ? [on line 110 of "/usr/share/horde3/passwd/lib/Driver/sql.php"]


What I see in mysql.log is different.
091020 19:52:59     582 Connect     postfix at localhost on
                    582 Init DB     Mail
                    582 Init DB     Mail
                    582 Query       SELECT Password FROM MailAccounts WHERE EmailAdd = 'simon at lydiard.net'
                    581 Quit

I'm actually happy that the mysql query is correct (although I can only assume that the ? in the horde.log is obfuscation).  What concerns me is the total absence of any UPDATE statement.  I take it this is not normal.  Can someone please give me some pointers as what to investigate next.

If you need other information, I'm happy to provide that too.

Thanks.

SPB

donald:~# dpkg -l | grep -i horde
ii  gollem                    1.0.2-1                              file manager component for horde framework
ii  horde-sam                 0.1-1                                spam module for Horde Framework
ii  horde3                    3.1.3-4etch4                         horde web application framework
ii  imp4                      4.1.3-4                              webmail component for horde framework
ii  ingo1                     1.1.2-1                              email filter component for Horde Framework
ii  kronolith2                2.1.4-1etch1                         calendar component for Horde Framework
ii  mnemo2                    2.1.1-1                              notes/memos component for Horde Framework
ii  nag2                      2.1.2-1                              task list component for Horde Framework
ii  sork-forwards-h3          3.0-1                                autoforward module for Horde Framework
ii  sork-passwd-h3            3.0-2                                Horde3 module for users to change their pass
ii  sork-vacation-h3          3.0-1                                autovacation module for Horde Framework
ii  turba2                    2.1.3-1etch1                         contact management component for horde frame


328 $backends['sql'] = array(
329     'name' => 'Postfix',
330     'preferred' => '',
331     'password policy' => array(
332     'minLength' => 8,
333     'maxLength' => 18,
334     'minClasses' => 2,
335     'maxSpace' => 0,
336     'minUpper' => 1,
337     'minLower' => 1,
338     'minNumeric' => 1,
339     'minSymbols' => 1
340     ),
341     'driver' => 'sql',
342     'params' => array(
343         'phptype'    => 'mysql',
344         'hostspec'   => 'localhost',
345         'username'   => 'postfix',
346         'password'   => 'xxxxxxxxxxxxxx',  <---  For obvious reasons
347         'encryption' => '',
348         'database'   => 'Mail',
349         'table'      => 'MailAccounts',
350         'user_col'   => 'EmailAdd',
351         'pass_col'   => 'Password',
352         'show_encryption' => false,
353     // The following two settings allow you to specify custom queries for
354     // lookup and modify functions if special functions need to be
355     // performed.  In places where a username or a password needs to be
356     // used, refer to this placeholder reference:
357     //    %u -> gets substituted with the user
358     //    %p -> gets substituted with the plaintext password
359     //    %e -> gets substituted with the encrypted password
360     //
361     // 'query_lookup' => 'SELECT user_pass FROM horde_users WHERE user_uid = %u',
362     // 'query_modify' => 'UPDATE horde_users SET user_pass = %e WHERE user_uid = %u',
363     //'query_lookup' => 'SELECT Password  FROM MailAccounts  WHERE EmailAdd = %u',
364     //'query_modify' => 'UPDATE MailAccounts SET Password = %p WHERE EmailAdd = %u',
365 ));

More information about the sork mailing list