Zimbra Webapp
The Zimbra webapp offers a preauth mechanism which can be used to tie Zimbra into an SSO solution.
By requiring SSO auth for zimbra.yourdomain.com and using the redirect script, Zimbra can be tied into Crowd.
Pre-Auth
To set up preauth, Zimbra must be told where to log in and log out. This is done with the zmprov command and can be verified as follows:
zmprov gd mydomain.com | grep -i login
zimbraWebClientLoginURL: https://login.mydomain.com/zimbra/
zimbraWebClientLogoutURL: https://login.mydomain.com/cgi-bin/logout/
After generating the key and configuring login/logout, mailboxd needs to be restarted:
mailboxdctl restart
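To use preauth with cosign, the following script was used:
#!/usr/bin/perl -Tw
# Redirect to zimbra after successful login
use strict;
use CGI qw(:standard);
use CGI::Carp qw(fatalsToBrowser set_message);
use Digest::HMAC_SHA1 qw(hmac_sha1 hmac_sha1_hex);
use Time::Local;
# Account name set by the SSO layer (cosign) after a successful login
my $user = $ENV{'REMOTE_USER'};
die "REMOTE_USER is not set\n" unless defined $user && length $user;
# Timestamp in milliseconds since the epoch
my $time = time() * 1000;
# Domain preauth key; keep this file readable only by the web server user
my $key = 'put_your_key_here';
my $base_url = 'https://zimbra.yourdomain.com/service/preauth?account=';
# Signed string: account|by|expires|timestamp (by=name, expires=0)
my $preauth = $user . '|name|0|' . $time;
my $digest = hmac_sha1_hex($preauth, $key);
# Percent-encode the account so characters such as '@' or '&' cannot alter the query string
my $redirect = $base_url . CGI::escape($user) . '&expires=0&timestamp=' . $time . '&preauth=' . $digest;
print "Location: " , $redirect , "\n\n";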
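The token the script above builds, shown from both sides as an added example (Python, not part of the original page and not Zimbra's own code): one function builds the redirect URL, the other models how a receiver can check it by recomputing the HMAC and rejecting stale timestamps. The key, the function names and the five-minute freshness window are assumptions made for the illustration.

```python
import hashlib
import hmac
import time
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed sample values; the real key is the domain's preauth key.
KEY = b"constructed-sample-key-not-a-real-one"
BASE_URL = "https://zimbra.yourdomain.com/service/preauth"
MAX_SKEW_MS = 5 * 60 * 1000  # assumed freshness window for this example


def compute_preauth(account, by, expires, timestamp, key=KEY):
    """HMAC-SHA1 over account|by|expires|timestamp, hex encoded."""
    msg = "|".join([account, by, str(expires), str(timestamp)])
    return hmac.new(key, msg.encode(), hashlib.sha1).hexdigest()


def build_preauth_url(account, now_ms=None, key=KEY):
    """Build the redirect URL with every parameter percent-encoded."""
    ts = int(time.time() * 1000) if now_ms is None else now_ms
    params = {
        "account": account,
        "expires": 0,
        "timestamp": ts,
        "preauth": compute_preauth(account, "name", 0, ts, key),
    }
    return BASE_URL + "?" + urlencode(params)


def verify_preauth_url(url, now_ms, key=KEY):
    """Receiving side: recompute the HMAC and check timestamp freshness."""
    q = parse_qs(urlsplit(url).query)
    try:
        account = q["account"][0]
        expires = int(q["expires"][0])
        ts = int(q["timestamp"][0])
        token = q["preauth"][0]
    except (KeyError, ValueError):
        return False  # missing or malformed parameter
    if abs(now_ms - ts) > MAX_SKEW_MS:
        return False  # stale or future-dated token
    expected = compute_preauth(account, "name", expires, ts, key)
    # Constant-time comparison avoids leaking how many characters matched
    return hmac.compare_digest(expected.encode(), token.encode())
```

Because the account name is part of the signed string, changing it in the URL invalidates the token; anyone holding the key can mint a token for any account in the domain, so the key deserves the same protection as an administrator credential.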
OpenID App
Details to come
Other App
Details to come
--
ChristopherPepe - 08 Apr 2009