Hello List, dont know if anybody heard about Shibboleth ( http://shibboleth.internet2.edu/ )? It is a Single Sign On Framework for websites and it is a growing platform used in the german science network called Deutsches Forschungsnetz https://www.aai.dfn.de/ (sorry, only in german).
What we wanna do is a SSO not only for our webapps but also for webmail (which also is a webapp). The problem i see here is that our webmail needs the users password to authenticate against the imap/pop server (in this case dbmail). So lets discuss the following case: I let handle Shibboleth all the auth stuff, a user accessing the webmail page is authenticated and authoirized to read the mail for the user Shibboleth is telling the webmail app. From now on only the username is available. The dbmail-imap server gets the request for user joe and should deliver the mails, without password. But only if the imap connect comes from a specific IP and provides a configurable strong password c(same for all users). That would need some new configration shib_server=IP and ship_userpass=strongpass . If there is a connection from that server, with that password and for user joe dbmail accepts and delivers the messages. If the connection comes from another client (PC, Outlook, Thunderbird) the normal auth is used. Do you thing this is easy doable with dbmail, are there any flaws, is this a approach you would follow? regards Martin
_______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
