-
Notifications
You must be signed in to change notification settings - Fork 163
Authentication Options
Cypht supports a number of different Authentication methods out of the box. You can also create your own authentication method with the site module set. Remember that after making any changes to your hm3.ini file, you must rerun the scripts/config_gen.php script to update your site configuration.
Most webmail programs use this type of authentication. The username and password entered into the login form are passed to a pre-configured IMAP server. If the IMAP server returns success, the user is logged into the web application. When using IMAP authentication in Cypht, the IMAP server will automatically be added to the list of accounts the user can access. To use IMAP authentication, set the auth_type value in your hm3.ini file to IMAP, and configure the following settings:
The name assigned to the server after you login
imap_auth_name=localhost
The hostname or IP address of the IMAP server
imap_auth_server=localhost
The port the IMAP server is listening on
imap_auth_port=143
True or false if the IMAP service is over TLS (blank is the same as false)
imap_auth_tls=
POP3 authentication is exactly like IMAP except of course it uses a pre-configured POP3 server to validate the user and password. Change the auth_type to POP3 in your hm3.ini, and configure the following settings:
The name assigned to the server after you login
pop3_auth_name=localhost
The hostname or IP address of the POP3 server
pop3_auth_server=localhost
The port the POP3 server is listening on
pop3_auth_port=110
True or false if the POP3 service is over TLS (blank is the same as false)
pop3_auth_tls=
Cypht can attempt to bind to an LDAP server to perform authentication. In order to use this you must set the auth_type to LDAP and configure the following settings:
The hostname or IP address of the LDAP server to authenticate to
ldap_auth_server=localhost
The port the LDAP server is listening on.
ldap_auth_port=389
Enable TLS/SSL connections. Leave blank or set to false to disable. Set to true to enable TLS connections.
ldap_auth_tls=
The "base dn" of the LDAP server
ldap_auth_base_dn="example,dc=com"
Using a database to authenticate is a little harder to setup, but is a flexible way to configure logins. Using this authentication also allows you to create, delete, or change the account passwords using CLI scripts included in Cypht. Database access is done using PHP PDO, so any database back-end supported by PDO can be used. You will have to manually create the database and table. Examples for Mysql, Postgresql, and Sqlite are included in the hm3.sample.ini file. To use a database for authentication, set the auth_type value to DB in your hm3.ini file, and configure the following settings:
Connection type. Can be "host" to connect to a hostname, or "socket" to connect to a unix socket.
db_connection_type=host
Database host name or ip address. If db_connection_type is set to "socket", this value is ignored
db_host=127.0.0.1
If db_connection_type is set to "socket", this should be the filesystem location of the unix socket file. If db_connection_type is set to "host" this value is ignored.
db_socket=/var/lib/mysqld/mysqld.sock
Name of the database with the required tables
db_name=test
User to connect to the database with
db_user=test
Password to connect to the database with
db_pass=123456
Database type. can be any supported PDO driver ; (http://php.net/manual/en/pdo.drivers.php)
db_driver=mysql
...