Announcement

Collapse
No announcement yet.

OpenExchange in Joomla?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenExchange in Joomla?

    Hello,

    I am new to this forum. But I've got a simple question. I need a webmailer in the backend of the CMS joomla. And my webhoster has OpenExchange installed, so I wanted to use it.

    Is there a way I could transfer a username & password to the OpenExchange, to log in, directly into the mailbox? Hope you can help me, because I've got a lot of trouble with this project.

    Really big thanks in advance for you cooperation.


    Regards,
    Christian, 20, Germany

  • #3
    Hello,

    thanks a lot for all this! Gonna have a look on all of this asap. If I need any further assistance can I bother this community with it?

    Thanks for the help!

    Regards,
    Christian, 20, Germany

    Comment


    • #4
      Hi Christian,

      sure - we're here to help

      Greetings

      Comment


      • #5
        Hello,

        I tried to get a bit on, but my programming is not really good in web-development. Do you or somebody else maybe have some working sample code (PHP) for this AJAX-Login-Script on which I could built on?

        Thanks again in advance!

        Regards,
        Christian, 20, Germany

        Comment


        • #6
          Referer

          Hello,

          I hope somebody can give me some advice.

          I found out, that I was doing everything alright with the javascript example Martin Braun gave me. But now I know, that there's probably a referer check.

          My webhoster is not at all helpfull in this thing, they wanna sell me instead something what's like microsoft outlook in explorer. But I like the idea of open-xchange.

          So now my problem is, how could my webhoster change the referer-settings? (or isn't this any function of open xchange?) Or how could I use the referer it normally accepts?

          Thanks in advance again for your big help!

          Regards,
          Christian, 20, K.
          Last edited by Guest; 05-19-2009, 02:52 PM.

          Comment


          • #7
            AFAIK, the groupware itself performs no referer check. It does perform an IP check, which means the login must be performed from the same IP address as the rest of the session. What errors do you get?

            Comment


            • #8
              Hello Viktor,

              oh! That could be the reason. the webhoster is a big company which probably has my website on another server than their open xchange (called "webmailer 2.0" at this webhosters side). I don't have this error message right here, but it was something with that I am not "authorized" to access the ressource, will post here later on today the full error message.

              Do you have any idea by know how to bypass/fix this problem?

              Regards,
              Christian, 20, K.

              Comment


              • #9
                Some background - generally this ip check is a security feature. If somebody manages to steal the session cookie set by OX (stored at your browser) and your session ID, he *could* login to your account because the session is already authorized. This would require some criminal effort (network access, local access to the browsers cookie store, browser vulnerabilities etc.) but history shows that such attacks do happen. To add another obstacle to session/cookie stealing we check the IP address which sends the cookie/session id an compare it to the ip address which has initiated the login procedure by entering credentials. Of course it is possible to fake IP addresses but doing a man-in-the-middle attack and even more evil stuff at the internet and through a encrypted connection is much harder than just stealing a session. Atop of this we use whitelisting for HTML E-Mail to minimize the risk of executing script code from external sources which might be a security issue.
                Last edited by Martin Heiland; 05-19-2009, 03:21 PM.

                Comment


                • #10
                  Hello,

                  @Viktor Pracht: the error message is "Access to restricted URI denied".

                  @Martin Braun: so this means there's no way for me, to login directly into the "Inbox" of OX without my webhoster helping me?
                  I understand the security reasons of course, but I wanted to make a user friendly login after a user already logged into an webapplication (SSL crypted). Because who want's to login with username/password twice in two different login forms every day?

                  Thanks for the big help of you two.

                  Regards,
                  Christian, 20, K.

                  Comment


                  • #11
                    Hi,

                    what URL are you try to query? What's the exact path and parameters?

                    Comment


                    • #12
                      Hello,

                      my script (exactly the script you linked [javascript version]) is here: http://jkwk.kunstwerkstatt-kassel.de/oxtest.php

                      it's trying to login at "https://email.1und1.de/login?action=login" as referer it has "https://email.1und1.de/ox.html" now (didn't work without a referer, too).

                      Code:
                      Line 16-18 of the example
                                   xmlhttp.open("POST", "https://email.1und1.de/login?action=login", false);
                                    xmlhttp.setRequestHeader("Referer",
                                    "https://email.1und1.de/ox.html");
                      As username I tried "oxtest@kunstwerkstatt-kassel.de" with the password "openxchange" (testaccount).


                      Unfortunately it does not work by now. Does this information help you in any way? Do you have any idea how to get logged in? Thanks in advance for your help!

                      Regards,
                      Christian, 20, K.

                      Comment


                      • #13
                        Hello,

                        did anyone of you had time to have a look at it? Does anyone have any idea?

                        Thanks for your cooperation.

                        Regards,
                        Christian, 20, K.

                        Comment


                        • #14
                          can it be use on joomla??

                          Comment

                          Working...
                          X