On Fri, May 11, 2012 at 10:54 PM, KK CHN <kkchn.in@xxxxxxxxx> wrote: > List, > > I have a plone 4.1.4( CMS) installation, and a squirrel mail web client > running on > different machines but under the same domain. say intranet.mydomain.com > and webmail.mydomain.com > > I am trying to implement a SSO for this plone intranet site and Squirrel > Mail client. ( The plone site is integrated with LDAP server. Both Plone > site and Squirrel mail refers the same user credentials in this LDAP > server) > > > What configurations/additional work I have to make for the SM instance > for SSO to work from plone site, so clicking a link in the plone site > to the squirrel mail site should logged in to the squirrel mail client so > users can see their emails, without signing again to the squirrel mail > login page. > > Please give your guidance/workarounds how to accomplish this SSO for > Squirrel Mail. You could try to hack something into one or the other of these two applications (or both) so that they understand each other's cookies, for example (still may present problems authenticating against the IMAP server - keep in mind that SquirrelMail passes authentication to the IMAP server, so it MUST have a username and password to authenticate with, and in that sense, it's far smarter to ask how to modify plone to understand when a user has been authenticated via SquirrelMail), but the more robust way to handle this is to find a SSO authentication implementation that both applications are compatible with. Shibboleth is one popular example, but there are others. Do your homework. There is a SquirrelMail plugin that is compatible with some such authentication systems that will be available soon - but it is not trivial to set this kind of system up because you must be able to integrate it with your IMAP server too. -- Paul Lesniewski SquirrelMail Team Please support Open Source Software by donating to SquirrelMail! http://squirrelmail.org/donate_paul_lesniewski.php ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
