Conformance with SquirrelMail plugin requirements and other cleanupÄescription: Removed a security issue - the user's password was being stored in the web server's logs.information to X-Squirrel or > X-SquirrelMail, patch will be ready by the end of week. Summary Files Reviews Support Mailing Lists Tickets Current Development Branch (1.5) Feature Requests Current Stable Branch (1.4). If username/password pairs don't match, SquirrelMail's login page is correctly shown again Brought to you by: jangliss, jervfors, kink, pdontthink.Rewrote the whole plugin so that it works as a normal plugin (as opposed to a bit of a hack).Added custom signout page that reflects the true nature of disposing HTTP authentication credentials.Update plugin documentation and some minor code updates to bring into conformance with newest plugin specifications. Log out of IMAP connection made during login page hook.Those using HTTP authentication do not need to create a configuration file of their own - the default behavior will suffice in these cases. Added configuration file that allows administrators to fine-tune the behavior of this plugin, particularly if using a custom single sign-on system.Added compatibility with the Login Manager plugin.Information included in headers will be > base64 encoded. X-Squirrel name is > shorter than X-SquirrelMail. Squirrelmail authenticated user variable overwriting A bug was fixed in squirrelmail 1.4.8 which could allow a logged in user to overwrite random variables in compose. Thanks to Emmanuel Dreyfus for help with the "authenticated_saml" module and Victoriano Giralt for help with the "trusted_saml" module Tomas Kuliavas: > If people agree about moving Received: information to X-Squirrel or > X-SquirrelMail, patch will be ready by the end of week.Added the ability to use this plugin for other external login systems (aside from just HTTP authentication), such as some single sign-on systems.Requires: SquirrelMail 1.4.0+, Compatibility 2.0.7+ (unless using SM 1.4.10+ or 1.5.2+), PHP Zlib support (only if you are using the compression feature with the "authenticated_saml" module) Please support this plugin's development: Donate to this author login to email account in Roundcube Webmail client. Assuming you've coordinated your IMAP authentication with your external web authentication, this plugin helps with those tasks. may be maintained and be reauthenticated, perhaps as a completely different user. Remember that SquirrelMail still needs to authenticate against your IMAP server, so SquirrelMail still needs to know what credentials to use and how to get them. Common uses of this plugin are for environments that employ HTTP authentication or have implemented single sign-on systems. This plugin tells SquirrelMail how to understand when users have been externally authenticated, in which case the SquirrelMail login page is unnecessary.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |