robin.thoni
/
docker-roundcube-server
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 10 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15 Commits
2 Branches
Tree: 68321b0a93
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van '68321b0a93'
${ noResults }
docker-roundcube-server/roundcube/roundcubemail-1.2.2/plugins/krb_authentication/krb_authentication.php

krb_authentication.php 2.9KB
Geschiedenis Ruw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110 
  1. <?php

  2. 

  3. /**

  4.  * Kerberos Authentication

  5.  *

  6.  * Make use of an existing Kerberos authentication and perform login

  7.  * with the existing user credentials

  8.  *

  9.  * For other configuration options, see config.inc.php.dist!

  10.  *

  11.  * @version @package_version@

  12.  * @license GNU GPLv3+

  13.  * @author Jeroen van Meeuwen

  14.  */

  15. class krb_authentication extends rcube_plugin

  16. {

  17.     private $redirect_query;

  18. 

  19.     /**

  20.      * Plugin initialization

  21.      */

  22.     function init()

  23.     {

  24.         $this->add_hook('startup', array($this, 'startup'));

  25.         $this->add_hook('authenticate', array($this, 'authenticate'));

  26.         $this->add_hook('login_after', array($this, 'login'));

  27.         $this->add_hook('storage_connect', array($this, 'storage_connect'));

  28.     }

  29. 

  30.     /**

  31.      * Startup hook handler

  32.      */

  33.     function startup($args)

  34.     {

  35.         if (!empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {

  36.             // handle login action

  37.             if (empty($_SESSION['user_id'])) {

  38.                 $args['action']       = 'login';

  39.                 $this->redirect_query = $_SERVER['QUERY_STRING'];

  40.             }

  41.             else {

  42.                 $_SESSION['password'] = null;

  43.             }

  44.         }

  45. 

  46.         return $args;

  47.     }

  48. 

  49.     /**

  50.      * Authenticate hook handler

  51.      */

  52.     function authenticate($args)

  53.     {

  54.         if (!empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {

  55.             // Load plugin's config file

  56.             $this->load_config();

  57. 

  58.             $rcmail = rcmail::get_instance();

  59.             $host   = $rcmail->config->get('krb_authentication_host');

  60. 

  61.             if (is_string($host) && trim($host) !== '' && empty($args['host'])) {

  62.                 $args['host'] = rcube_utils::idn_to_ascii(rcube_utils::parse_host($host));

  63.             }

  64. 

  65.             if (!empty($_SERVER['REMOTE_USER'])) {

  66.                 $args['user'] = $_SERVER['REMOTE_USER'];

  67.                 $args['pass'] = null;

  68.             }

  69. 

  70.             $args['cookiecheck'] = false;

  71.             $args['valid']       = true;

  72.         }

  73. 

  74.         return $args;

  75.     }

  76. 

  77.     /**

  78.      * Storage_connect hook handler

  79.      */

  80.     function storage_connect($args)

  81.     {

  82.         if (!empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {

  83.             // Load plugin's config file

  84.             $this->load_config();

  85. 

  86.             $rcmail  = rcmail::get_instance();

  87.             $context = $rcmail->config->get('krb_authentication_context');

  88. 

  89.             $args['gssapi_context'] = $context ?: 'imap/kolab.example.org@EXAMPLE.ORG';

  90.             $args['gssapi_cn']      = $_SERVER['KRB5CCNAME'];

  91.             $args['auth_type']      = 'GSSAPI';

  92.         }

  93. 

  94.         return $args;

  95.     }

  96. 

  97.     /**

  98.      * login_after hook handler

  99.      */

  100.     function login($args)

  101.     {

  102.         // Redirect to the previous QUERY_STRING

  103.         if ($this->redirect_query) {

  104.             header('Location: ./?' . $this->redirect_query);

  105.             exit;

  106.         }

  107. 

  108.         return $args;

  109.     }

  110. }