LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 06-19-2005, 11:51 PM   #1
prabhatsoni
Member
 
Registered: Oct 2004
Location: India
Distribution: FC 12
Posts: 233

Rep: Reputation: 30
squirrelmail authentication !!!


Hello everybody,

I have a intranet portal that gives all sorts of reports to my people. The setup is mysql+php+ apache. In this setup, I have created a mysql table for my users. In this table, I have everybody's uid,encrypted password, their privileges etc. When some fellow logins I take his password, and take out a md5 hash of it, and then compare the uid and this md5 hash with the ones saved in my table, and authenticate them. Once authenticated, I save the uid, and other tit bits of the user in PHP session variables, so that once autheticated the user can access all the allowed data on the site without logging in again.
So far so good.
Now I have started squirrelmail on my server. But here the users who can assess the server have to be created in the OS. So I have created all the users in my FC1. In my opinion creating users in OS is very crude,and probabely insafe.
Now It is very typical that my users have to seperately log in with altogether independent uids, and passwords for accessing the portal, and for accessing the squirrelmail server. This is indeed highly undesirable- once a user logs in he should be able to what ever he desires, without logging out and logging in with different uid and password. I believe there is a way by which the authentication can be centralised.

Any help !

Thanks in advance.

Prabhat Soni
 
Old 07-08-2005, 03:58 PM   #2
fouldsy
Senior Member
 
Registered: Jan 2002
Location: St Louis, MO
Distribution: Ubuntu
Posts: 1,284

Rep: Reputation: 47
I'm afraid I looked for additional methods of authenticating users into SquirrelMail, but couldn't find any that fitted that bill. I wanted to have users that had already authenticated into our intranet to be automagically logged in when accessing SquirrelMail, but couldn't find any 3rd party plugins or extensions that allowed additional authentication options. I think I read one that connected to an LDAP structure, but that wasn't helpful. Is there no way you could port your CMS or whatever to use the local user authentication system instead? From a security point of view, I'm not sure whether it's any greater risk than holding the data in a database, as I'd assumed you'd still enable shadow passwords and such...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squirrelmail smtp authentication question craven Linux - Software 1 01-28-2013 11:43 PM
Authentication service cannot retrieve authentication info Moffett67 Linux - Software 3 12-13-2007 03:16 AM
Squirrelmail sachin0178 Linux - Newbie 4 11-23-2005 06:09 AM
how did SquirrelMail get there? novaprime Linux - Software 4 01-24-2005 04:49 AM
Squirrelmail 1.2.11 mail55127 Linux - Software 0 03-13-2003 01:44 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 11:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration