Page 2 of 2 FirstFirst 12
Results 16 to 22 of 22

Thread: Direct login in roundcube webmail

  1. #16
    cPanel Quality Assurance Analyst cPanelDon's Avatar
    Join Date
    Nov 2008
    Location
    Houston, Texas, U.S.A.
    Posts
    2,554
    cPanel/WHM Access Level

    DataCenter Provider

    Default Re: Direct login in roundcube webmail

    Quote Originally Posted by beddo View Post
    Hi,
    I am trying to set up something similar and the roundcuberedirect.html file seems to work only if you do not use security tokens. Can anyone suggest the extra code needed to make the redirect security token aware?
    Thanks.
    With security session tokens enabled, I'm able to directly access Roundcube webmail via the following URLs; replace "server" with your server hostname, IP address, or cPanel account domain name:
    Code:
    http://server:2095/3rdparty/roundcube/
    https://server:2096/3rdparty/roundcube/
    If proxy sub-domains are enabled, the following URLs, using the "webmail." sub-domain, will also go directly to Roundcube; replace "domain" with your cPanel account domain name:
    Code:
    http://webmail.domain:2095/3rdparty/roundcube/
    https://webmail.domain:2096/3rdparty/roundcube/

  2. #17
    Registered User
    Join Date
    Jan 2011
    Posts
    2

    Default Re: Direct login in roundcube webmail

    Quote Originally Posted by cPanelDon View Post
    The browser pop-up window is displayed because your server is configured to use HTTP Authentication. To log-in using an HTML-form you will need to disable HTTP Authentication so that cookie authentication will be used, which will avoid the pop-up-style log-in prompt.

    This change can be accomplished using WebHost Manager via the following menu path (with linked documentation): WHM: Main >> Server Configuration >> Tweak Settings >> Security >> Enable HTTP Authentication [?] Enable HTTP Authentication for cPanel/WebMail/WHM Logins. This risks certain types of XSRF attacks that rely on cached HTTP Auth credentials. Disabling forces cookie authentication.
    I see. Thanks for fast and solid reply.
    But even if it spread some light on cause of my problem, it does not solve it.
    I donít have access to this security setting, neither I want to disable it. All I want is to allow my users to log in directly to roundcube with use of little form located somewhere on my website.

    Now I am wondering if it is possible to log in using help of curl?
    I done some tests, but they donít work... I donít know much about sniffing with Curl, and breaking security stuff, but if there is no other option... any suggestions will be nice.
    Here is code that I gathered in last few days (witch donít work, of course).
    PHP Code:
    $curl curl_init();
    curl_setopt($curlCURLOPT_HTTPAUTHCURLAUTH_ANY ) ;
    curl_setopt($curlCURLOPT_USERPWD"login:pass");
    curl_setopt($curlCURLOPT_SSLVERSION,3);
    curl_setopt($curlCURLOPT_SSL_VERIFYPEERFALSE);
    curl_setopt($curlCURLOPT_SSL_VERIFYHOST2);
    curl_setopt($curlCURLOPT_HEADERtrue);
    curl_setopt($curlCURLOPT_POSTtrue);
    curl_setopt($curlCURLOPT_POSTFIELDS"user=login&pass=password");
    curl_setopt($curlCURLOPT_RETURNTRANSFERtrue);
    curl_setopt($curlCURLOPT_USERAGENT"Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
    curl_setopt($curlCURLOPT_URL'https://myDomain:2096/3rdparty/roundcube/?_task=mail'); 

  3. #18
    Registered Member beddo's Avatar
    Join Date
    Jan 2007
    Location
    England
    Posts
    157
    cPanel/WHM Access Level

    DataCenter Provider

    Default Re: Direct login in roundcube webmail

    Quote Originally Posted by cPanelDon View Post
    If proxy sub-domains are enabled, the following URLs, using the "webmail." sub-domain, will also go directly to Roundcube; replace "domain" with your cPanel account domain name:
    Code:
    http://webmail.domain:2095/3rdparty/roundcube/
    https://webmail.domain:2096/3rdparty/roundcube/
    We actually use the proxy sub-domains exclusively due to the certificate name. direct access to the ports is actually firewalled off.

    All I need is a little bit of code in the roundcube redirector that picks up the right variable being posted and then passes it on. Surely there is some documentation for developers on how to make things token compatible?

    Edit:

    I figured it out myself. All it takes is an extra print statement in the clickable link and javascript redirect. Here it is for anyone else interested.

    Code:
    <cpanel Email="check_roundcube()">
    <h2>Redirecting to Roundcube WebMail.....please click <a href="<cpanel print="$ENV{'cp_security_token'}"><cpanel print="$CPVAR{'roundcube'}">/index.php">here</a> if you are not redirected in 5 seconds.</h2>
    <script type="text/javascript">
    function goToRoundCube(){
            document.location.href="<cpanel print="$ENV{'cp_security_token'}"><cpanel print="$CPVAR{'roundcube'}">/index.php";
    }
    </script>
    <script>goToRoundCube();</script>
    Last edited by beddo; 02-04-2011 at 06:29 AM.

  4. #19
    Registered User
    Join Date
    Jun 2011
    Posts
    1

    Default Re: Direct login in roundcube webmail

    Hey,

    I'm stuck in a tough spot with this. I did the method described in the first two posts with the script and the redirect, but how would I go about undoing this to revert it back to how cpanel webmail was before I put it in place?

    Thanks

  5. #20
    Registered Member beddo's Avatar
    Join Date
    Jan 2007
    Location
    England
    Posts
    157
    cPanel/WHM Access Level

    DataCenter Provider

    Default Re: Direct login in roundcube webmail

    Quote Originally Posted by thisxstyle View Post
    Hey,

    I'm stuck in a tough spot with this. I did the method described in the first two posts with the script and the redirect, but how would I go about undoing this to revert it back to how cpanel webmail was before I put it in place?

    Thanks
    I didn't see this one when it was posted, hope you figured it out but in case anyone else is interested removing is a case of deleting the relevant line from /scripts/postupcp and running /scripts/upcp. That'll put the stock pages back in and prevent the redirect from being copied over.

  6. #21
    Registered Member beddo's Avatar
    Join Date
    Jan 2007
    Location
    England
    Posts
    157
    cPanel/WHM Access Level

    DataCenter Provider

    Default Re: Direct login in roundcube webmail

    Quote Originally Posted by adumpaul View Post
    I realise .htaccess can be used to achieve the same thing however a .htaccess rule has to be created for each and every hosting account, further to this a webmail.XXXXXX.XXX subdomain. Both of these are tasks i'd rather not have to perform manually for each and every hosting account.
    The redirect file using postupcp applies automatically to all accounts.

    I have actually installed ATMail and changed it to the following:

    Code:
    <h2>Redirecting to ATMail.....please click <a href="<cpanel print="$ENV{'cp_security_token'}">/3rdparty/atmailopen/index.php">here</a> if you are not redirected automatically.</h2>
    <script type="text/javascript">
    function goToATMail(){
            document.location.href="<cpanel print="$ENV{'cp_security_token'}">/3rdparty/atmailopen/index.php";
    }
    </script>
    <script>goToATMail();</script>

  7. #22
    Registered User
    Join Date
    Feb 2012
    Posts
    1
    cPanel/WHM Access Level

    Reseller Owner

    Default Re: why not using httaccess ?

    Hi Susan,

    where this file should be located? Will this script enter direct to roundcube mailbox?

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Webmail - Direct Login to Webmail - Horde
    By wrender in forum E-mail Discussions
    Replies: 0
    Last Post: 11-28-2012, 10:02 PM
  2. Webmail roundcube re-auth after login
    By little_oak in forum E-mail Discussions
    Replies: 3
    Last Post: 12-17-2010, 06:59 AM
  3. solution allow direct login to webmail horde
    By hicom in forum General Discussion
    Replies: 0
    Last Post: 01-06-2006, 01:48 PM
  4. Replies: 2
    Last Post: 08-22-2005, 09:52 PM
  5. Direct Login to Horde Webmail
    By wimp in forum General Discussion
    Replies: 2
    Last Post: 11-29-2003, 04:14 PM
bargain