AFAIK kerberos sets the REMOTE_USER env - so we would have at least a username - if we would disable IMAP authenticate and make sure its impossible to fake the REMOTE_USER - imp/courier should be able to handle it ?
--- Jan Schneider <[EMAIL PROTECTED]> wrote: > Zitat von Harakiri <[EMAIL PROTECTED]>: > > > Hello, > > > > i know that Horde has Kerberos Auth support. > However > > does this also apply for Single Sign On ? > > > > What i want to achieve is, that users of IMP can > > access their webmail without entering a > > username/password. > > > > IE and Firefox have Kerberos Auth - so lets say my > > users are in a Windows Domain - they authenticate > only > > once when logging into Windows. > > > > Now when they open their IE and goto the IMP > webmail > > they should not need to login again. > > > > As far as i know Kerberos Auth only issues tickets > and > > then the Windows Server for example authenticates > this > > ticket - however how can/should IMP know the > username > > of the user to access the courier backend where > the > > messages for the web user are stored ? > > > > One way would be to use mod_auth_kerb for apache, > > however the problem remains how IMP/Any > application > > can figure out at least the Username - and > sometimes > > the password (probably impossible) > > Correct, this is not possible. At least I don't know > any IMAP server > that supports such an authentication, let alone the > PHP imap extension. > > Jan. > > -- > Do you need professional PHP or Horde consulting? > http://horde.org/consulting/ > > -- > IMP mailing list - Join the hunt: > http://horde.org/bounties/#imp > Frequently Asked Questions: http://horde.org/faq/ > To unsubscribe, mail: > [EMAIL PROTECTED] > ____________________________________________________________________________________ Bored stiff? Loosen up... Download and play hundreds of games for free on Yahoo! Games. http://games.yahoo.com/games/front -- IMP mailing list - Join the hunt: http://horde.org/bounties/#imp Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail: [EMAIL PROTECTED]
