HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Auto login to phpMyAdmin and Webmail (http://www.howtoforge.com/forums/showthread.php?t=56834)

todx 9th April 2012 17:58

Auto login to phpMyAdmin and Webmail
 
Hey guys, I'm new at this forum. I've been wondering if there is a way to setup/configure ISPConfig to automatically login to phpmyadmin and/or webmail once the icon in the ISPConfig control panel is click? At the moment(default settings) it just redirects to phpmyadmin or webmail page...

Is this a php type of a question? If it is, where should I post?

Mitzy 9th April 2012 20:17

Quote:

Originally Posted by todx (Post 277007)
Hey guys, I'm new at this forum. I've been wondering if there is a way to setup/configure ISPConfig to automatically login to phpmyadmin and/or webmail once the icon in the ISPConfig control panel is click? At the moment(default settings) it just redirects to phpmyadmin or webmail page...

Is this a php type of a question? If it is, where should I post?

Yeah it does seem a bit redundant doesn't it, you'd have to hack the templates, wouldn't know where to begin.

Why don't you make a suggestion to the tracker?

todx 9th April 2012 20:20

What/who is a tracker?

Mitzy 9th April 2012 20:35

Quote:

Originally Posted by todx (Post 277018)
What/who is a tracker?

Mixed up my terms, feature request forum lol

http://www.howtoforge.com/forums/forumdisplay.php?f=31

todx 9th April 2012 22:03

I think the problem here is that ISPConfig need to post original username and password (not hashed - md5ed). They store encoded password into mysql so I don't think this is possible.

falko 10th April 2012 21:48

Quote:

Originally Posted by todx (Post 277023)
I think the problem here is that ISPConfig need to post original username and password (not hashed - md5ed). They store encoded password into mysql so I don't think this is possible.

That's right. ISPConfig does this for security reasons.

todx 10th April 2012 23:25

Yeah its probably for the best. Case closed! =)

** I'm gonna post a serious-hardcore review soon on what to change/add/remove etc. so be prepared!

Bitvilag 14th November 2014 08:27

Quote:

Originally Posted by todx (Post 277099)
Yeah its probably for the best. Case closed! =)

** I'm gonna post a serious-hardcore review soon on what to change/add/remove etc. so be prepared!

I know this is an old thread however I do not agree.

Why isnt it possible to create autologin without the password? ex. From admin you can easily sing in to a user.

till 14th November 2014 09:56

Quote:

Originally Posted by Bitvilag (Post 321514)
I know this is an old thread however I do not agree.

Why isnt it possible to create autologin without the password? ex. From admin you can easily sing in to a user.

there is a huge difference:

becoming a client from admin login is a internal permision change within the same software. phpmyadmin and webmail are both different external software packages that authenticate against different system mecahnisms. phpmyadmin authenticates against the mysql user database and webmail authenticates against imap. so in both cases you would have to stire the password as plaintext if you want to allow automatic logins.

Bitvilag 30th November 2014 02:51

Would this be possible
 
Quote:

Originally Posted by till (Post 321527)
there is a huge difference:

becoming a client from admin login is a internal permision change within the same software. phpmyadmin and webmail are both different external software packages that authenticate against different system mecahnisms. phpmyadmin authenticates against the mysql user database and webmail authenticates against imap. so in both cases you would have to stire the password as plaintext if you want to allow automatic logins.

You might be right however other providers like cPanel somehow solved this issue and they are using autologin very well. My problem is, one of my clients complained why cant he see his workers' emails anytime. I had to disable password modification in roundcube so he could spy on his workers'. I can relate to what he is saying since he has to know what information is going out and in anytime.

My suggestion would be either to create such plugin or something or maybe an admin login would also help me. As in one login that would give me access to all mails that would be in that group. Easiest way would be a master password that would work with those email addresses that are associated. I dont think this would be a security issue since this password should be set by one person (person managing ISPConfig)

Wish you the best
Bitvilag


All times are GMT +2. The time now is 16:20.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.