Difference between revisions of "Open-Xchange servlet for external login masks"

m (Who should read this document)
m (Description)
Line 5: Line 5:
  
 
== Description ==
 
== Description ==
The package open-xchange-easylogin provides a servlet which expects a user name and password via HTTP GET or POST. For security reasons, GET is disabled by default but can be turned on via configuration. With that information the servlet generates java code that is then executed in the users browser so that the user gets automatically logged in to the Open-Xchange application. The servlet URL is after installation:
+
The open-xchange-easylogin package provides a servlet which expects a user name and password via HTTP GET or POST. For security reasons, GET is disabled by default but can be turned on via configuration. With that information the servlet generates java code that is then executed in the user's browser so that the user gets automatically logged in to the Open-Xchange application. After the installation the servlet URL is:  
 
  http://ox-server/servlet/easylogin
 
  http://ox-server/servlet/easylogin
  
 
=== Installation ===
 
=== Installation ===
The package open-xchange-easylogin, available in the [[CommunitySoftwareRepositories]] , needs to be installed using the operation system toos for package maintaining (e.g. dpkg, rpm). After installation, the groupware process has to be restarted:
+
The open-xchange-easylogin package, available in the [[CommunitySoftwareRepositories]] , needs to be installed using the operation system toos for package maintainance (e.g. dpkg, rpm). After installation, the groupware process has to be restarted:
 
  /etc/init.d/open-xchange restart
 
  /etc/init.d/open-xchange restart
  
Line 37: Line 37:
  
 
=== Example HTML form ===
 
=== Example HTML form ===
Below are two html form examples for a custom login mask. One for HTML POST and one for GET (for security reasons POST should be used). For own use, the string ox-server needs to be replaced by the name of the Open-Xchange server:
+
The examples below show how an HTML form for a custom login mask looks like. One example is  for HTML POST and one for GET (for security reasons we recommend to use POST). When using the example for your own purposes, the ox-server string needs to be replaced by the name of the Open-Xchange server:  
  
 
<pre>
 
<pre>

Revision as of 07:47, 31 March 2009

Open-Xchange servlet for external login masks

Who should read this document

This document is written for web developers who would like to create a custom login mask for the Open-Xchange server. The login mask can reside on an external server i. e., not directly located in the domain of the Open-Xchange machines. It is also intended for administrators who install and maintain Open-Xchange services.

Description

The open-xchange-easylogin package provides a servlet which expects a user name and password via HTTP GET or POST. For security reasons, GET is disabled by default but can be turned on via configuration. With that information the servlet generates java code that is then executed in the user's browser so that the user gets automatically logged in to the Open-Xchange application. After the installation the servlet URL is:

http://ox-server/servlet/easylogin

Installation

The open-xchange-easylogin package, available in the CommunitySoftwareRepositories , needs to be installed using the operation system toos for package maintainance (e.g. dpkg, rpm). After installation, the groupware process has to be restarted:

/etc/init.d/open-xchange restart

Configuration

Configuration file is:

/opt/open-xchange/etc/groupware/easylogin.properties

following configuration options are available (the groupware must be restarted to make changes effective):

# easylogin configuration file

# GET/POST variable name for the password
com.openexchange.easylogin.passwordPara = password 

# GET/POST variable name for the login name
com.openexchange.easylogin.loginPara = login 

# AJAX root path on the Open-Xchange server 
# do not change unless you know what you are doing
com.openexchange.easylogin.AJAX_ROOT = /ajax

# the relative path to the Open-Xchange GUI
com.openexchange.easylogin.OX_PATH_RELATIVE = ../

# enable GET for the servlet 
# possible parameters: true/false
com.openexchange.easylogin.doGetEnabled = true

Example HTML form

The examples below show how an HTML form for a custom login mask looks like. One example is for HTML POST and one for GET (for security reasons we recommend to use POST). When using the example for your own purposes, the ox-server string needs to be replaced by the name of the Open-Xchange server:

 <html>
 <body>

 <h1>Login via POST:</h1>
 <form action="http://ox-server/servlet/easylogin" method="POST">
     <p>
     <label for="login">Username: </label>
               <input type="text" name="login" id="login"><br>
     <label for="password">Password:  </label>
               <input type="password" name="password" id="password"><br><br>
     <input type="submit" value="POST login">
     </p>
  </form>
 
  <h1>Login via GET:</h1>
  <form action="http://ox-server/servlet/easylogin" method="GET">
     <p>
     <label for="login">Username: </label>
               <input type="text" name="login" id="login"><br>
     <label for="password">Password:  </label>
               <input type="password" name="password" id="password"><br><br>
     <input type="submit" value="GET login">
     </p>
  </form>
 
  </body>
 </html>