Re: Force to change password after login into squirrelmail

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/3/2012 11:54 AM, Paul Lesniewski wrote:
> On Mon, Apr 2, 2012 at 10:00 PM, Rohitashva Sharma<rsharma@xxxxxxxxxxx>  wrote:
>> On 4/2/2012 10:37 PM, Paul Lesniewski wrote:
>>> On Mon, Apr 2, 2012 at 4:44 AM, Rohitashva Sharma<rsharma@xxxxxxxxxxx>    wrote:
>>>> Hi,
>>>>
>>>> I am using Squirrelmail version 1.4.19 on Scientific Linux with Apache.
>>>> I have configured change_pass plugin with squirrelmail with poppassd at
>>>> the IMAP server, so my users can change passwords of their accounts.
>>>>
>>>> I have a requirement where user need to change his/her password on the
>>>> first login. When we create account on IMAP server, we give a default
>>>> password which need to be changed on first login. The user should not be
>>>> allowed do anything like read mails, access address book etc.without
>>>> changing the password.
>>>>
>>>> Please suggest how can I achieve this.
>>> Take a look at the change_sqlpass plugin which has this feature.  It
>>> can be ported for the most part directly to the change_pass plugin,
>>> however, you'll need to design a way for the plugin to determine which
>>> users need to be forced to change their passwords.
>>>
>> Hi Paul,
>>
>> Thanks for your reply.
>>
>> I had a look at the change_sqlpass and change_pass plugin. I have also
>> devised a mechanism to identify the user whose password need to be
>> forcibly changed and developed a small plugin for this. I attached the
>> plugin as 'webmail_top' hook. The problem is that as soon as the user
>> logs in, my plugin prompts the user to change the password but the user
>> is allowed to click on other links like INBOX, Compose etc and he has a
>> choice not to change the password.
>>
>> What I want is that the user should not be able to do anything without
>> changing the password. Please suggest how is that possible.
> The change_sqlpass plugin is more restrictive, so as I suggested,
> please refer to it.
>
> If you want to limit user actions even more than change_sqlpass
> plugin, please have a look at the hook list in the plugin development
> guidelines or grep the source for hooks in the places you need.
>
Thanks Paul,

I got the idea from change_sqlpass plugin and registered my plugin in 
'right_main_after_header' hook . Now I am able to prevent the links on 
the left_side to go my change password page. This fulfills my partial 
requirement as this does not stop user to click and use the menu items 
in right frame. Is there any hook like right_main_before_header (I could 
not find in documentation) which I can use to prevent user to use menu 
items in right frame as well.

cheers
Rohitashva


------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second 
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users


[Index of Archives]     [Video For Linux]     [Yosemite News]     [Yosemite Photos]     [gtk]     [KDE]     [Cyrus SASL]     [Gimp on Windows]     [Steve's Art]     [Webcams]

  Powered by Linux