Permit just one domain to access

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Permit just one domain to access

Marcos de Jesus Faria
Hello,

I have in my mailserver tho domains, and I want that only one has access by RoundCube webmail.

I put in "main.inc.php"

$rcmail_config['username_domain'] = 'myfirstdomain.com';
$rcmail_config['mail_domain'] = 'myfirstdomain.com';

But, when I put the complete user. Eg. [hidden email] , It works.

How can I block this?

Thanks.

Marcos.


_______________________________________________
List info: http://lists.roundcube.net/users/
Reply | Threaded
Open this post in threaded view
|

Re: Permit just one domain to access

Julien Wadin
Marcos de Jesus Faria a écrit :

> Hello,
>
> I have in my mailserver tho domains, and I want that only one has access by RoundCube webmail.
>
> I put in "main.inc.php"
>
> $rcmail_config['username_domain'] = 'myfirstdomain.com';
> $rcmail_config['mail_domain'] = 'myfirstdomain.com';
>
> But, when I put the complete user. Eg. [hidden email] , It works.
>
> How can I block this?
>
> Thanks.
>
> Marcos.
>  

Hi,
If you have just a few users, you can add them in the user's mysql
table, and then change a settings that's says "allow only registred
users to login"

--
Wadin Julien
Tel : +32 (0) 475 632 168
Web : http://blog.julienwadin.be/

Simplifiez vous Postfix : http://postfixwinadmin.jwhosting.eu

_______________________________________________
List info: http://lists.roundcube.net/users/
Reply | Threaded
Open this post in threaded view
|

Re: Permit just one domain to access

Irrlicht
Is this a bug? I plan to use 2 different domains in future,
but only those two should be accessible, so will I face similar
troubles?

Cheers,
Daniel

On Sat, 01 Sep 2007 10:58:02 +0200, Julien Wadin <[hidden email]> wrote:

> Marcos de Jesus Faria a écrit :
>> Hello,
>>
>> I have in my mailserver tho domains, and I want that only one has access
> by RoundCube webmail.
>>
>> I put in "main.inc.php"
>>
>> $rcmail_config['username_domain'] = 'myfirstdomain.com';
>> $rcmail_config['mail_domain'] = 'myfirstdomain.com';
>>
>> But, when I put the complete user. Eg. [hidden email] , It
> works.
>>
>> How can I block this?
>>
>> Thanks.
>>
>> Marcos.
>>  
>
> Hi,
> If you have just a few users, you can add them in the user's mysql
> table, and then change a settings that's says "allow only registred
> users to login"


_______________________________________________
List info: http://lists.roundcube.net/users/
Reply | Threaded
Open this post in threaded view
|

Re: Permit just one domain to access

Rouncube Lbutlr
On 1-Sep-2007, at 08:47, Daniel Spies wrote:
> Is this a bug?

I wouldn't think so.

> I plan to use 2 different domains in future, but only those two  
> should be accessible, so will I face similar troubles?

Yes, because Roundcube does not handle the authentication.  Anything  
that anyone fills in that validates with your mailserver is going to  
work.


--
Lewis Butler
303.564.2512


_______________________________________________
List info: http://lists.roundcube.net/users/
Reply | Threaded
Open this post in threaded view
|

Re: Permit just one domain to access

chasd
In reply to this post by Marcos de Jesus Faria

On Aug 31, 2007, at 9:22 AM, Marcos de Jesus Faria wrote:

> Hello,
>
> I have in my mailserver tho domains, and I want that only one has  
> access by RoundCube webmail.
>
> I put in "main.inc.php"
>
> $rcmail_config['username_domain'] = 'myfirstdomain.com';
> $rcmail_config['mail_domain'] = 'myfirstdomain.com';
>
> But, when I put the complete user. Eg. [hidden email] , It  
> works.
>
> How can I block this?

I use a whitelist to only allow certain users to access our roundcube.
You may be able to make this match on whatever you want to limit.

Here is my documentation for my patch / changes, some white space has  
been lost pasting into this message.

Configuration changes include original default values commented out.


index.php

code snippet-
// send redirect
header("Location: $COMM_PATH");
exit;
}
else
{
// whitelisting added by CDostale 14jul06
if(count($CONFIG['user_whitelist']) > 0)
{
if (!in_array($user,$CONFIG['user_whitelist']))
{
show_message("invaliduser", 'warning');
}
else
{
show_message("loginfailed", 'warning');
}
$_SESSION['user_id'] = '';
}
// End whitelist check
}
}


config/mail.inc.php

code snippet-
$rcmail_config['auto_create_user'] = TRUE;
// create a whitelist of users
$rcmail_config['user_whitelist'] =
array('user1','user2','user3','user4','user5');
//$rcmail_config['user_whitelist'] = array();


program/include/main. php

code snippet-
function rcmail_login($user, $pass, $host=NULL)
{
global $CONFIG, $IMAP, $DB, $sess_user_lang;
$user_id = NULL;
// whitelisting added by CDostale 14jul06
if(count($CONFIG['user_whitelist']) > 0)
{
if (!in_array($user,$CONFIG['user_whitelist']))
{
return FALSE;
}
}
// End whitelist check


program/include/localization/ en_US/messages.inc

code snippet-
$messages['loginfailed'] = 'Login failed';
$messages['invaliduser'] = 'User not allowed';


Charles Dostale
System Admin - Silver Oaks Communications
http://www.silveroaks.com/
824 17th Street, Moline  IL  61265

_______________________________________________
List info: http://lists.roundcube.net/users/