roundcube and twiki integration
Roundcube is a beautiful IMAP webmail client. In order to integrate is properly with an enterprise TWiki installation, ’single authentication’ needed to be implemented – so that the sign-on for TWiki (which is htpasswd style authenticated by lighttpd) can be used for the roundcube authentication seamlessly.
Since the TWiki login/passwords are different from the IMAP login/password pairs, an additional column had to be added to the roundcubemail:users table :
Then, the following patches must be applied to /usr/share/roundcubemail/index.php :
…
$host = $RCMAIL->autoselect_host();
// mdda added start
// check if HTTP AUTH is set and fill $POST vars
if (isset($_SERVER[‘PHP_AUTH_USER’]) && isset($_SERVER[‘PHP_AUTH_PW’])) {
$dbh = rcmail::get_instance()->get_dbh();
$query = "SELECT * FROM ".get_table_name(‘users’)." WHERE %s=?";
$sql_result = $dbh->query(sprintf($query, ‘alias’), $_SERVER[‘PHP_AUTH_USER’]);
if ($sql_arr = $dbh->fetch_assoc($sql_result)) {
$_POST[‘_user’] = $sql_arr[‘username’];
$_POST[‘_pass’] = $sql_arr[‘imappass’];
}
}
// mdda added end
// check if client supports cookies
if (empty($_COOKIE)) {
$OUTPUT->show_message("cookiesdisabled", ‘warning’);
}
…
else if (($RCMAIL->task==‘logout’ || $RCMAIL->action==‘logout’) && isset($_SESSION[‘user_id’])) {
$OUTPUT->show_message(‘loggedout’);
$RCMAIL->logout_actions();
$RCMAIL->kill_session();
// mdda added start
echo ‘
<script language="javascript">
window.location="/group"; // REPLACE THIS WITH the TWIKI homepage location
</script>’;
// mdda added end
}
…
Having done that, the following can be put onto a TWiki page, to automatically log in the user to roundcube :
<form name="roundcube_login" action="/group/mail/" method="post">
<input name="_action" value="login" type="hidden" />
<input name="_user" id="rcmloginuser" type="hidden" />
<input name="_pass" id="rcmloginpwd" type="hidden" />
</form>