Differences

This shows you the differences between two versions of the page.

--- auth:imap [2010-03-01 19:50] – 74.93.99.97
+++ auth:imap [Unknown date] (current) – removed - external edit (Unknown date) 127.0.0.1
@@ Line 1: / Line 1: @@
-====== IMAP/POP3 authentication  ======
-===== What does it do? =====
-This authentication module, changes the password check for DokuWiki, from using the password file,
-to use an IMAP or pop3 server.
-It is build on the plain authentication backend, and works in the same way,
-with the only change that user passwords are checked against an IMAP/POP3 server.
-NB: You still need to create you users in DokuWiki before they can log in.
-===== Requirements =====
-  * PHP IMAP (for Ubuntu use: aptitude install PHP5-IMAP)
-===== Install =====
-Copy the file [[http://yrke.dk/download/dokuWiki-IMAPAuth/imap.class.php.v1.1.txt|imap.class.php]] to "inc/auth".
-Or manually create the file by applying the following steps: \\
-Copy the plain module:
-  cp plain.class.php imap.class.php
-Change the following lines in the file imap.class.php:
-<code php>
-[...]
-class auth_imap extends auth_basic {
-[...]
-function auth_imap() {
-[...]
-  $this->cando['modPass'] = false;
-  [...]
- function checkPass($user,$pass){
-   $userinfo = $this->getUserData($user);
-      if ($userinfo === false) return false;
-        $toReturn=false;
-        $imap_login = @imap_open("{imap.server:143/novalidate-cert}", $user."@domain.tld", $pass, OP_HALFOPEN, 1);
-        if ($imap_login == false){
-                $toReturn = false;
-        }
-        else {
-                $toReturn = true;
-                imap_close($imap_login);
-        }
-        return $toReturn;
-  }
-  [...]
- function createUser($user,$pwd,$name,$mail,$grps=null){
-[...]
-      $tmppass = time();
-      $pass = auth_cryptPassword($tmppass);
-[...]
-</code>
-Now update the IMAP/pop3 server connection string.
-  imap_open("{imap.server:143/novalidate-cert}", $user."@domain.tld", $pass, OP_HALFOPEN, 1);
-See http://dk.php.net/imap_open for documentation on the imap_open function.
-===== Patch User Manager =====
-As noted in [[auth:pam]] there seams to be a bug in the User Manager, it won't create a user if no password is specified.
-Fix it by either applying the patch on [[auth:pam]] or by setting "$this->cando['modPass']" to true, and specifying a random password when the user is created.
-===== Comments =====
-**by mpc@20080825 :**
-I guess we must also, as specified in pam auth , configure DokuWiki tu use imap auth by adding the following line to local.php:
-  $conf['authtype'] = 'imap';
-Anyway, even if adding user in the configuration panel works fine, authentication does not works on my SME 7.3 server with this code, I had to modify the "imap_open" function line to inc/auth/imap.class.php like this to make it works :
-  $imap_login = @imap_open("{myserver:143/imap/novalidate-cert}", $user, $pass);
-of course, use this code this if your server supports imaps :
-  $imap_login = @imap_open("{myserver:993/imap/ssl/novalidate-cert}", $user, $pass);
-Except a little bug (error message display when adding a user, but user added anyway), everything works great.
-**mjm 20080913:**\\
-I have modified the checkPass function to allow users to enter a full email address into the **Username** field during login.  DokuWiki automatically converts the '@' in the email address into an underscore ("_") in the username.  This version of checkPass:
-  - looks for an underscore in the username.  If found, it splits the username into $imapUser and $imapDomain.
-  - sets $imapServer, $_groups and $imapLogin for each supported $imapDomain
-  - attempts to login to the appropriate IMAP (or POP3) server based on the email domain extracted from the username
-  - fails if IMAP login fails; verifies or creates a local user if the IMAP login succeeds
-  - finally, authenticates from conf/users.auth.php if there is no $imapDomain specified in the username.  This allows an admin to create "plain" accounts for users who need access to the wiki but don't have email accounts on any supported servers.
-<code>    function checkPass($user,$pass){
-      #$userinfo = $this->getUserData($user);
-      #if ($userinfo === false) return false;
-      $toReturn=false;
-      list( $imapUser, $imapDomain) = split('[_@]', $user);
-      if(!$imapDomain) $imapDomain = "null";
-      $imapDomain= strtolower( $imapDomain);
-     switch ($imapDomain) {
-     case "domainone.com":
-        $_groups    = array( 'user', 'domainone');
-        $imapServer = "{mail.domainone.com:993/imap/ssl/novalidate-cert}";
-        $imapLogin  = $imapUser.'@'.$imapDomain;
-        break;
-     case "domaintwo.org":
-        $_groups    = array( 'user', 'domaintwo');
-        $imapServer = "{imap.domaintwo.org:993/imap/ssl/novalidate-cert}";
-        $imapLogin  = $imapUser
-        break;
-     case "null":
-        unset ($imapServer);
-     }
-     switch (isset($imapServer)) {
-     case true:
-        $imap_login = @imap_open($imapServer, $imapLogin, $pass);
-        if ($imap_login == false){
-                $toReturn = false;
-        } else {
-                $toReturn = true;
-                imap_close($imap_login);
-                $userinfo = $this->getUserData($user);
-                if ($userinfo === false) $newUser = $this->createUser($user,"!imap_auth!",
-                                            $imapUser,$imapUser.'@'.$imapDomain,$_groups);
-        }
-        break;
-     case false:
-        $userinfo = $this->getUserData($user);
-        if ($userinfo === false) {
-           $toReturn = false;
-        } else {
-           $toReturn = auth_verifyPassword($pass,$this->users[$user]['pass']);
-        }
-     }
-     return $toReturn;
-    }</code>