Hello,
I have in my mailserver tho domains, and I want that only one has access by RoundCube webmail.
I put in "main.inc.php"
$rcmail_config['username_domain'] = 'myfirstdomain.com'; $rcmail_config['mail_domain'] = 'myfirstdomain.com';
But, when I put the complete user. Eg. user@myseconddomain.com , It works.
How can I block this?
Thanks.
Marcos.
List info: http://lists.roundcube.net/users/
Marcos de Jesus Faria a écrit :
Hello,
I have in my mailserver tho domains, and I want that only one has access by RoundCube webmail.
I put in "main.inc.php"
$rcmail_config['username_domain'] = 'myfirstdomain.com'; $rcmail_config['mail_domain'] = 'myfirstdomain.com';
But, when I put the complete user. Eg. user@myseconddomain.com , It works.
How can I block this?
Thanks.
Marcos.
Hi, If you have just a few users, you can add them in the user's mysql table, and then change a settings that's says "allow only registred users to login"
Is this a bug? I plan to use 2 different domains in future, but only those two should be accessible, so will I face similar troubles?
Cheers, Daniel
On Sat, 01 Sep 2007 10:58:02 +0200, Julien Wadin julien@wadin.be wrote:
Marcos de Jesus Faria a écrit :
Hello,
I have in my mailserver tho domains, and I want that only one has access
by RoundCube webmail.
I put in "main.inc.php"
$rcmail_config['username_domain'] = 'myfirstdomain.com'; $rcmail_config['mail_domain'] = 'myfirstdomain.com';
But, when I put the complete user. Eg. user@myseconddomain.com , It
works.
How can I block this?
Thanks.
Marcos.
Hi, If you have just a few users, you can add them in the user's mysql table, and then change a settings that's says "allow only registred users to login"
List info: http://lists.roundcube.net/users/
On 1-Sep-2007, at 08:47, Daniel Spies wrote:
Is this a bug?
I wouldn't think so.
I plan to use 2 different domains in future, but only those two
should be accessible, so will I face similar troubles?
Yes, because Roundcube does not handle the authentication. Anything
that anyone fills in that validates with your mailserver is going to
work.
On Aug 31, 2007, at 9:22 AM, Marcos de Jesus Faria wrote:
Hello,
I have in my mailserver tho domains, and I want that only one has
access by RoundCube webmail.I put in "main.inc.php"
$rcmail_config['username_domain'] = 'myfirstdomain.com'; $rcmail_config['mail_domain'] = 'myfirstdomain.com';
But, when I put the complete user. Eg. user@myseconddomain.com , It
works.How can I block this?
I use a whitelist to only allow certain users to access our roundcube. You may be able to make this match on whatever you want to limit.
Here is my documentation for my patch / changes, some white space has
been lost pasting into this message.
Configuration changes include original default values commented out.
index.php
code snippet- // send redirect header("Location: $COMM_PATH"); exit; } else { // whitelisting added by CDostale 14jul06 if(count($CONFIG['user_whitelist']) > 0) { if (!in_array($user,$CONFIG['user_whitelist'])) { show_message("invaliduser", 'warning'); } else { show_message("loginfailed", 'warning'); } $_SESSION['user_id'] = ''; } // End whitelist check } }
config/mail.inc.php
code snippet- $rcmail_config['auto_create_user'] = TRUE; // create a whitelist of users $rcmail_config['user_whitelist'] = array('user1','user2','user3','user4','user5'); //$rcmail_config['user_whitelist'] = array();
program/include/main. php
code snippet- function rcmail_login($user, $pass, $host=NULL) { global $CONFIG, $IMAP, $DB, $sess_user_lang; $user_id = NULL; // whitelisting added by CDostale 14jul06 if(count($CONFIG['user_whitelist']) > 0) { if (!in_array($user,$CONFIG['user_whitelist'])) { return FALSE; } } // End whitelist check
program/include/localization/ en_US/messages.inc
code snippet- $messages['loginfailed'] = 'Login failed'; $messages['invaliduser'] = 'User not allowed';
Charles Dostale System Admin - Silver Oaks Communications http://www.silveroaks.com/ 824 17th Street, Moline IL 61265
List info: http://lists.roundcube.net/users/