Reuse HTTP authentication for login

[dfoerster]

Hi,

the attached patch allows to reuse HTTP authentication credentials for the login. If the webmail installation is protected by HTTP authentication with matching credentials, the user only needs to enter them once.

The feature needs to be enabled by a configuration option.

It's working fine for me but the patch could be refactored a little bit by someone with some more knowledge about roundcube's internals. It applies to the 0.1.1 version.

Regards David

[thomasb]

Duplicate of #1388203

[ryanroth]

Can you update this to work with the current SVN?

[ryanroth]

http://trac.roundcube.net/ticket/1388203 does not work with the current release or SVN

[ryanroth]

Fixed for SVN and small refresh issue

[dan]

thanks for the patch. It certianly helped me with bug 1485224

things i noted $host = $RCMAIL->autoselect_host(); seems unneeded as login can just take username/password and it seems to workout the host then.

$OUTPUT->redirect() instead of header( 'refresh: 1'); for consistency with the login.

i didn't bother with cookie checking as i think that is done elsewhere

logouts don't particularly work when the authentication is already there. (I don't know how to fix this either)

you could use the email2user functions to handle virtual users.

your patch doesn't include the main.inc.php.dist change to enable http authenticaion

[rasky@…]

As explained in a duplicate bug (which contained more infos than this bug...), a quick way to disable the useless logout button is to put "display: none" in the CSS. Obviously, a correct fix has to be done elsewhere.