mailuser login - how to log in with dovecot authentification

Discussion in 'Installation/Configuration' started by radim_h, May 27, 2008.

  1. radim_h

    radim_h Member

    Hell-o !

    I'm using loging to dovecot in my positfix main.cf
    smtpd_sasl_type = dovecot
    smtpd_sasl_path = private/auth

    then in dovecot.conf
    auth_username_format ="%Ld_%Ln"

    (which means that my users are logging with with their whole email adress , not using any kind of rewrite to virtusertable format.
    Email adress is also set in their email clients and I also cannot use webmail packeges for ISPC as there are scripts to rewrite email adresses to system format)
    and i'm getting then same error like in following...

    My problem is: I cannot log into ISPConfig with mailuser login
    ( https://www.domain.com:81/mailuser/)
    as i'm getting :
    May 27 10:31:33 web1 dovecot: pop3-login: Disconnected: user=<_domain.tld_test>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured

    I have no idea why the underscore in front of user name is appearing

    IMHO it is caused because
    /home/admispconfig/ispconfig/web/mailuser/lib/classes/pop3.inc.php

    is using some kind of rewrite for email addresses user@domain.tld to system users format domain.tld_user


    Does anyone has please idea hot to change
    /home/admispconfig/ispconfig/web/mailuser/lib/classes/pop3.inc.php

    to not rewrite email adress into _domain.tld_user ?

    Format domain.tld_user can be used, but i have no idea what is causing that underscore in front of user name ..
     
    Last edited: May 27, 2008
  2. till

    till Super Moderator

    Please try to replace the content of the file /home/admispconfig/ispconfig/web/mailuser/login/index.php with this:

    Code:
    <?php
    /*
    Copyright (c) 2005, projektfarm Gmbh, Till Brehm, Falko Timme
    All rights reserved.
    
    Redistribution and use in source and binary forms, with or without modification,
    are permitted provided that the following conditions are met:
    
        * Redistributions of source code must retain the above copyright notice,
          this list of conditions and the following disclaimer.
        * Redistributions in binary form must reproduce the above copyright notice,
          this list of conditions and the following disclaimer in the documentation
          and/or other materials provided with the distribution.
        * Neither the name of ISPConfig nor the names of its contributors
          may be used to endorse or promote products derived from this software without
          specific prior written permission.
    
    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
    ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
    WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
    IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
    BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
    OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
    NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
    EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    */
    require_once('../../../lib/config.inc.php');
    require_once('../lib/app.inc.php');
    
    $app->uses('tpl,pop3');
    $app->tpl->newTemplate("login.tpl.htm");
    
    if(count($_POST) > 1) {
            if($_POST["username"] != '' and $_POST["passwort"] != '') {
    
                    $username         = $_POST["username"];
                    $passwort         = $_POST["passwort"];
    				
    				$orig_username = $username;
    				
    				// Dovecot @ username hack
    				if(stristr($username, '@')) {
    					list ($loginusername, $logindomain) = split('[/@-]', $username);
    					$username = "${logindomain}_$loginusername";
    				}
    
                    // Checke, ob es den User in ISPConfig DB gibt
                    $user = $app->db->queryOneRecord("SELECT * FROM isp_isp_user WHERE user_username = '".addslashes($username)."'");
    
                    if($user["doc_id"] > 0) {
                      // Hole das Web des Users
                      $web = $app->db->queryOneRecord("SELECT isp_isp_web.web_mailuser_login FROM isp_isp_web, isp_dep WHERE isp_isp_web.doc_id = isp_dep.parent_doc_id AND isp_isp_web.doctype_id = isp_dep.parent_doctype_id AND isp_dep.child_doctype_id = 1014 AND isp_dep.child_doc_id = ".$user["doc_id"]);
                      $login_allowed = $web["web_mailuser_login"];
                      unset($web);
    
                      if($login_allowed == 1){
                            // for DEBUG Only
                            if($go_info["server"]["mode"] == 'demo') {
    							$app->pop3->hostname = "ispconfig.org";
    						} else {
    							$app->pop3->hostname = "localhost";
    						}
    
                            // Öffne Pop3 Verbindung
                            $res = $app->pop3->Open();
                            if($res == '') {
    
                                    // versuche Login
                                    $res = $app->pop3->Login($orig_username,$passwort,0);
                                    if($res == '') {
    
                                            // Login war erfolgreich
                                            $_SESSION["s"]["userid"] = $user["doc_id"];
                                            $_SESSION["s"]["user"]   = $user;
                                            $app->pop3->Close();
                                            header("Location: ../mail/index.php");
                                            exit;
    
                                    } else {
                                            // Username oder PW falsch
                                            $error = $res;
                                            $app->pop3->Close();
                                    }
                            } else {
                                    // kein pop3 Login möglich
                                    $error = $res;
                                    $app->pop3->Close();
                            }
                      } else {
                        // Mailuser-Login für das Web nicht zugelassen
                        $error = $app->lng("txt_no_mailuser_login");
                      }
                    } else {
                            // User unbekannt in DB
                            $error = $app->lng("txt_user_unbekannt");
                    }
            } else {
                    $error = $app->lng("txt_email_passwort_leer");
            }
    }
    
    $app->tpl->setVar("error",$error);
    
    $app->tpl_defaults();
    $app->tpl->pparse();
    
    ?>
     
  3. radim_h

    radim_h Member

    Thank You!

    It is working instantly, many thanks!
     
  4. till

    till Super Moderator

    Ok thanks, I will add the changes to SVN so they will be part of the next release..
     
  5. radim_h

    radim_h Member

    one small bug

    I have discovered one small bug on mailuser page

    when you log in on https://ispcdomain.tld/mailuser/
    In "User & Email" in Field "Name:" you can input name with any diacritics
    as characters ěščřžýáíé

    which is actually not allowed
    as you can try do this in ISPConfig https://ispcdomain.tld/ you'll get message:

    Field: Real Name
    Only the following signs are allowed: a-z A-Z 0-9 - _ .

    These characters are saved an you can see them later in ISPConfig
    (but again - cannot save them in ISPC and must correct it)

    There is no problem with functionality as in /etc/passwd the Real name is simply not saved

    IT should be good add allowed characters checking also at mailuser page..
     
  6. till

    till Super Moderator

    Thanks for reporting this. I added it to the bugtracker.
     
  7. radim_h

    radim_h Member

    Actually, i'll be happy enough to Get Form "Name" out of the page /mailuser/mail/user.php
    Because editing the name will not change anything for the user

    Can you advice me please, what to delete from the code...

    Commenting out following lines from /home/admispconfig.ispconfig/web/templates/user.tpl.htm doesn't help...
    <tr>
    <td width="50">&nbsp;</td>
    <td width="120" class="TxtForm"><strong><tmpl_var name='txt_name'>:</strong></td>
    <td class="TxtForm"><input type="text" name="user_name" value="{tmpl_var name='user_name'}" maxlength="50"></td>
    </tr>

    EDIT: Solved
    Commenting Out these lines doesnt work, but deleting them solved the problem, the "Name" form is gone :)
     
    Last edited: Jun 23, 2008
  8. radim_h

    radim_h Member

    mailuser login not working with hyphen in domain name

    Hello,

    it seems that there is error in new mailuserlogin script
    Tried on Etch-ISPC2.2.24-postfix-dovecot ([DOMAIN]_ prefix and dovecot SASL)

    As i found when you try login to mailuser with domains with hyphen in name (character "-") , tried on format user@my-domain.tld and user@my-other-domain.tld
    you cannot log in and there is no record in /var/log/mail.log for POP3 login ,
    so IMO login script is not parsing those type of names
     
    Last edited: Aug 6, 2008
  9. till

    till Super Moderator

    I added it to the bugtracker for review.
     
  10. falko

    falko Super Moderator

    I've just fixed this in SVN.
     

Share This Page