robin.thoni
/
docker-roundcube-server
Seguir 1
Destacar 0
Cuchillo 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 10 Wiki Actividad
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23 Commits
2 Ramas
Árbol: 6486178dfa
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde '6486178dfa'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.3.6/plugins/krb_authentication/krb_authentication.php

krb_authentication.php 2.9KB
Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109 
  1. <?php

  2. 

  3. /**

  4.  * Kerberos Authentication

  5.  *

  6.  * Make use of an existing Kerberos authentication and perform login

  7.  * with the existing user credentials

  8.  *

  9.  * For other configuration options, see config.inc.php.dist!

  10.  *

  11.  * @license GNU GPLv3+

  12.  * @author Jeroen van Meeuwen

  13.  */

  14. class krb_authentication extends rcube_plugin

  15. {

  16.     private $redirect_query;

  17. 

  18.     /**

  19.      * Plugin initialization

  20.      */

  21.     function init()

  22.     {

  23.         $this->add_hook('startup', array($this, 'startup'));

  24.         $this->add_hook('authenticate', array($this, 'authenticate'));

  25.         $this->add_hook('login_after', array($this, 'login'));

  26.         $this->add_hook('storage_connect', array($this, 'storage_connect'));

  27.     }

  28. 

  29.     /**

  30.      * Startup hook handler

  31.      */

  32.     function startup($args)

  33.     {

  34.         if (!empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {

  35.             // handle login action

  36.             if (empty($_SESSION['user_id'])) {

  37.                 $args['action']       = 'login';

  38.                 $this->redirect_query = $_SERVER['QUERY_STRING'];

  39.             }

  40.             else {

  41.                 $_SESSION['password'] = null;

  42.             }

  43.         }

  44. 

  45.         return $args;

  46.     }

  47. 

  48.     /**

  49.      * Authenticate hook handler

  50.      */

  51.     function authenticate($args)

  52.     {

  53.         if (!empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {

  54.             // Load plugin's config file

  55.             $this->load_config();

  56. 

  57.             $rcmail = rcmail::get_instance();

  58.             $host   = $rcmail->config->get('krb_authentication_host');

  59. 

  60.             if (is_string($host) && trim($host) !== '' && empty($args['host'])) {

  61.                 $args['host'] = rcube_utils::idn_to_ascii(rcube_utils::parse_host($host));

  62.             }

  63. 

  64.             if (!empty($_SERVER['REMOTE_USER'])) {

  65.                 $args['user'] = $_SERVER['REMOTE_USER'];

  66.                 $args['pass'] = null;

  67.             }

  68. 

  69.             $args['cookiecheck'] = false;

  70.             $args['valid']       = true;

  71.         }

  72. 

  73.         return $args;

  74.     }

  75. 

  76.     /**

  77.      * Storage_connect hook handler

  78.      */

  79.     function storage_connect($args)

  80.     {

  81.         if (!empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {

  82.             // Load plugin's config file

  83.             $this->load_config();

  84. 

  85.             $rcmail  = rcmail::get_instance();

  86.             $context = $rcmail->config->get('krb_authentication_context');

  87. 

  88.             $args['gssapi_context'] = $context ?: 'imap/kolab.example.org@EXAMPLE.ORG';

  89.             $args['gssapi_cn']      = $_SERVER['KRB5CCNAME'];

  90.             $args['auth_type']      = 'GSSAPI';

  91.         }

  92. 

  93.         return $args;

  94.     }

  95. 

  96.     /**

  97.      * login_after hook handler

  98.      */

  99.     function login($args)

  100.     {

  101.         // Redirect to the previous QUERY_STRING

  102.         if ($this->redirect_query) {

  103.             header('Location: ./?' . $this->redirect_query);

  104.             exit;

  105.         }

  106. 

  107.         return $args;

  108.     }

  109. }