6.0.0-git
2018-12-15

[#6043] Kolab does not support anonymous (guest) users
Summary Kolab does not support anonymous (guest) users
Queue Kolab
Type Bug
State Assigned
Priority 1. Low
Owners wrobel (at) horde (dot) org
Requester m.gabriel (at) das-netzwerkteam (dot) de
Created 2007-12-25 (4008 days ago)
Due
Updated 2008-11-09 (3688 days ago)
Assigned 2008-11-09 (3688 days ago)
Resolved
Milestone
Patch No

History
2008-11-09 03:29:39 Chuck Hagenbuch Comment #11
State ⇒ Assigned
Reply to this comment
Unstalling since we're on Horde 4 now and the Kolab modules are being 
rewritten.
2008-03-26 08:38:32 Gunnar Wrobel Comment #10 Reply to this comment

[Show Quoted Text - 15 lines]
This is only true if the Cyrus server actually supports anonymous 
login which it does not in most cases. So this fix won't help in most 
cases.


2008-03-09 21:08:10 m (dot) gabriel (at) das-netzwerkteam (dot) de Comment #9 Reply to this comment
Marking as stalled since I would like to restructure the Horde::Kolab
module before looking into this. The restructuring requires Horde 4
so this will still take some time.

If someone submits a patch to make this work earlier I'll definitely
take a look :)
maybe you add the lines



+       if (!$login) {

+           $login = 'anonymous';

+       }



to the code as described below as it lets the initial login screen 
appear much quicker (on my kolab-2.1 debian/lenny system).



mike
2008-03-07 17:28:23 Gunnar Wrobel Priority ⇒ 1. Low
 
2008-03-07 17:27:09 Gunnar Wrobel Comment #8
Summary ⇒ Kolab does not support anonymous (guest) users
State ⇒ Stalled
Reply to this comment
Marking as stalled since I would like to restructure the Horde::Kolab 
module before looking into this. The restructuring requires Horde 4 so 
this will still take some time.



If someone submits a patch to make this work earlier I'll definitely 
take a look :)
2008-03-03 14:33:15 m (dot) gabriel (at) das-netzwerkteam (dot) de Comment #7 Reply to this comment
hi gunnar,

[Show Quoted Text - 11 lines]
the delay before the login page appears is gone when i put this at the 
beginning of the connect() method in lib/Horde/Kolab/IMAP/pear.php (i 
still have an unpatch libc-client):



<snip>

     function connect($login, $password, $tls = false)

     {

+       if (!$login) {

+           $login = 'anonymous';

+       }



         $this->_signature = $this->_server . '|' . $this->_port . 
"|$login|$password|$tls";

     [...]

</snip>



i still cannot show a shared calendar that has "anonymous read" in the 
kolab-webadmin interface set... but getting rid of the delay is 
already pretty nice!!!



mike
2008-03-03 12:17:32 Gunnar Wrobel Comment #6 Reply to this comment
however, i do not really have a clue what horde is looking for on the
imap server. is it possible to view IMAP data (e.g. a totally public
calendar) prior to user login???
You can certainly make parts of horde available to unauthenticated 
users. I never tried it myself but I guess you could have a public 
calendar. So I assume that you somehow configured things in a way that 
the apps try to display something to a user that did not login yet.



I do actually believe that the log entries you posted are related to 
the error since having the three apps (mnemo, nag, kronolith) call 
listShares() before the user logged in probably corresponds with the 
three errors you see on the screen.



Of course these errors shouldn't be there so it would be good if you 
can determine the sequence of events that leads to the error. Try to 
dump a traceback right before listShares is called in nag/lib/Nag.php 
for example.
2008-03-03 12:07:23 m (dot) gabriel (at) das-netzwerkteam (dot) de Comment #5 Reply to this comment
hi,

[Show Quoted Text - 32 lines]
i am actually not sure any more if the logfile entries i posted really 
relate to the php-error on the login page. i will explain the whole 
issue i observe during the login process further below.
Now you say the wakeup() call is causing the problem but I fail to
see the connection to getShares(). Can you provide the complete
sequence of function calls? Does the error occur when the login page
is shown and you did not enter any values yet? Or does it occur when
you entered user and pass and the system tries to auth against imap?
ISSUE 1 (probably needs a separate ticket):

-------------------------------------------------

when i visit my horde website i observe quite a delay loading the page 
(you can currently also view the php-error there that is described 
below):

https://mail.das-netzwerkteam.de/mailxchange



this delay is probably related to some horde functions trying to 
retrieve information from the KOLAB IMAP server, but the server 
replies with an auth failure ("badlogin: localhost [127.0.0.1] 
plaintext  SASL(-1): generic failure: All-whitespace username.").



however, i do not really have a clue what horde is looking for on the 
imap server. is it possible to view IMAP data (e.g. a totally public 
calendar) prior to user login???



ISSUE 2:

----------

after a little while the login page appears. without the change 
described in this bug ticket i get the reported php-error. i currently 
wonder if this bug is actually related to my personal fix of ticket 
6048... ($this->_shareMap[$cid] does not get set by getShareById()).



i will check with CVS version...



best,

mike






2008-03-03 08:00:24 Gunnar Wrobel Comment #4 Reply to this comment

[Show Quoted Text - 24 lines]
I'm probably being dumb on this one but I still fail to see the connection.



In your original message you propose to fix the getShares() function 
within Share.php.  You associated that with a few lines of log 
messages that all point to locations where the listShares() function 
gets called. This seems to make sense to me because listShares() 
actually calls getShares() with the result from _listShares().



Now you say the wakeup() call is causing the problem but I fail to see 
the connection to getShares(). Can you provide the complete sequence 
of function calls? Does the error occur when the login page is shown 
and you did not enter any values yet? Or does it occur when you 
entered user and pass and the system tries to auth against imap?
2008-02-29 12:38:14 m (dot) gabriel (at) das-netzwerkteam (dot) de Comment #3 Reply to this comment
hi gunnar,

[Show Quoted Text - 15 lines]
note: i am talking about pre-login stage. at this point IMAP auth 
fails in __wakeup in class Horde_share_kolab.



_listShares() / Share/kolab.php is not reached without authentication.



mike
2008-02-29 10:58:57 Gunnar Wrobel Comment #2
State ⇒ Feedback
Reply to this comment
Hm, I'm not certain about this one.



_shareMap is initialized as empty array in the class. So if you call 
getShares with a set of ids, they should end up in $missing_ids.



Now getShares() will try to fetch these missing shares. If it fails 
there, since the share does not exist, it will return a PEAR error.



So I don't think checking for an empty shareMap is really necessary.



From what you post I get the impression that the _listShare() 
function within Share/kolab.php is the culprit in this case. Can you 
check what this function is returning when the sequence 
listTaskLists() -> listShares() -> _listShares() (nag/lib/Nag.php -> 
Share.php -> Share/kolab.php) gets executed? Thanks!
2007-12-25 03:25:56 Chuck Hagenbuch Assigned to Gunnar Wrobel
State ⇒ Assigned
 
2007-12-25 00:13:46 m (dot) gabriel (at) das-netzwerkteam (dot) de Comment #1
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 3. High
Summary ⇒ php-error on login page caused by lib/Horde/Share.php (kolab)
Queue ⇒ Kolab
Reply to this comment
i am using kolab-2.1 (debian unstable) and horde-webmail-1.1rc1



some more php error sedation for the login paged caused by 
non-authenticated IMAP access attempts:



Warning: Illegal offset type in isset or empty in 
/usr/local/share/_horde-versions_/horde-webmail-1.1-rc1-netzwerkteam/lib/Horde/Share.php on line 
236



the error is occurs thrice on every login page, here are the relating 
syslog entries of the occurring errors:



Dec 25 00:08:01 grimnir cyrus/imap[6994]: badlogin: localhost 
[127.0.0.1] plaintext  SASL(-1): generic failure: All-whitespace 
username.

Dec 25 00:08:04 grimnir HORDE[11104]: [kronolith] No object requested. 
[on line 1302 of 
"/usr/local/share/_horde-versions_/horde-webmail-1.1-rc1-netzwerkteam/kronolith/lib/Kronolith.php"]



Dec 25 00:08:04 grimnir cyrus/imap[6996]: badlogin: localhost 
[127.0.0.1] plaintext  SASL(-1): generic failure: All-whitespace 
username.

Dec 25 00:08:07 grimnir HORDE[11104]: [nag] No object requested. [on 
line 276 of 
"/usr/local/share/_horde-versions_/horde-webmail-1.1-rc1-netzwerkteam/nag/lib/Nag.php"]

Dec 25 00:08:07 grimnir HORDE[11104]: [nag] No object requested. [on 
line 276 of 
"/usr/local/share/_horde-versions_/horde-webmail-1.1-rc1-netzwerkteam/nag/lib/Nag.php"]



Dec 25 00:08:07 grimnir cyrus/imap[6997]: badlogin: localhost 
[127.0.0.1] plaintext  SASL(-1): generic failure: All-whitespace 
username.

Dec 25 00:08:10 grimnir HORDE[11104]: [nag] Unable to authenticate 
with the Kolab IMAP server [on line 1689 of 
"/usr/local/share/_horde-versions_/horde-webmail-1.1-rc1-netzwerkteam/lib/Horde/Kolab/IMAP.php"]



here is the sedation patch:



diff -r horde-webmail-1.1-rc1/lib/Horde/Share.php 
horde-webmail-1.1-rc1-netzwerkteam/lib/Horde/Share.php

233,254c233,256

<         $missing_ids = array();

<         foreach ($cids as $cid) {

<             if (isset($this->_shareMap[$cid])) {

<                 $all_shares[$this->_shareMap[$cid]] = 
&$this->_cache[$this->_shareMap[$cid]];

<             } else {

<                 $missing_ids[] = $cid;

<             }

<         }

<

<         if (count($missing_ids)) {

<             $shares = &$this->_getShares($missing_ids);

<             if (is_a($shares, 'PEAR_Error')) {

<                 return $shares;

<             }

<

<             foreach (array_keys($shares) as $key) {

<                 $this->_cache[$key] = &$shares[$key];

<                 $this->_cache[$key]->setShareOb($this);

<                 $this->_shareMap[$shares[$key]->getId()] = $key;

<                 $all_shares[$key] = &$this->_cache[$key];

<             }

<         }

---

[Show Quoted Text - 25 lines]
mike

Saved Queries