Summary | INGO Auth Generation Incorrect |
Queue | Ingo |
Queue Version | 3.0.0 |
Type | Bug |
State | Resolved |
Priority | 2. Medium |
Owners | slusarz (at) horde (dot) org |
Requester | mcrosson_horde (at) nusku (dot) net |
Created | 10/07/2011 (5023 days ago) |
Due | |
Updated | 11/06/2012 (4627 days ago) |
Assigned | 10/10/2011 (5020 days ago) |
Resolved | 11/06/2012 (4627 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | |
Patch | Yes |
Assigned to Michael Slusarz
State ⇒ Resolved
Version ⇒ 3.0.0
public function transport_auth($driver)
{
switch ($driver) {
case 'timsieved':
return array(
'username' => $GLOBALS['registry']->getAuth(null),
'euser' => $GLOBALS['registry']->getAuth(null)
);
}
// DEFAULT: Use hordeauth (identical to not defining hook at all).
return true;
}
(necessarily) the same like the authenticating users, that's why are
two different user types.
be changed. I was hoping that it could be updated to allow the
default behavior to be overridden in the configuration for edge cases
like I ran into. The diff that I attached to the ticket maintains the
default INGO behavior while allowing administrators to specify a
different value if they so choose.
which user to accept the uploaded script, if you hardcode the
effective user to a fixed value?
authenticate is used as the effective user by Dovecot's managesieve
server. When authenticating against Dovecot's managesieve
implementation the effective user needs to be set to null. I have
attached the perl script Dovecot provides for testing authentication.
the same like the authenticating users, that's why are two different
user types.
New Attachment: sieve-auth-command.pl
into an authentication issue. Ingo was always including the Horde
user credential when generating the base64 encoded plain
authentication as the first field. I need this field to be blank in
order for Dovecot to properly authenticate.
object. Specficially always using the horde username as the effective
user.
which user to accept the uploaded script, if you hardcode the
effective user to a fixed value?
authenticate is used as the effective user by Dovecot's managesieve
server. When authenticating against Dovecot's managesieve
implementation the effective user needs to be set to null. I have
attached the perl script Dovecot provides for testing authentication.
I agree that setting the effective user to a static string or null
does not make sense. The intent of the patch I attached to the ticket
was to allow the effective user to be set via backends.local.php in
edge cases and keeping the current behavior as the default.
Priority ⇒ 2. Medium
State ⇒ Feedback
into an authentication issue. Ingo was always including the Horde
user credential when generating the base64 encoded plain
authentication as the first field. I need this field to be blank in
order for Dovecot to properly authenticate.
ingo/lib/Transport/Timsievd.php. I went ahead an updated the file so
it will use the "euser" parameter passed from backends.php or
default to using the pre-existing call to Ingo::getUser(false). I
have attached a patch detailing the updates I made.
user to accept the uploaded script, if you hardcode the effective user
to a fixed value?
Priority ⇒ 3. High
Type ⇒ Bug
Summary ⇒ INGO Auth Generation Incorrect
Queue ⇒ Ingo
Milestone ⇒
Patch ⇒ Yes
New Attachment: Timsieved.php.diff
State ⇒ Unconfirmed
into an authentication issue. Ingo was always including the Horde
user credential when generating the base64 encoded plain
authentication as the first field. I need this field to be blank in
order for Dovecot to properly authenticate.
I tracked the issue down to a line in ingo/lib/Transport/Timsievd.php.
I went ahead an updated the file so it will use the "euser" parameter
passed from backends.php or default to using the pre-existing call to
Ingo::getUser(false). I have attached a patch detailing the updates I
made.