Open-Xchange servlet for external login masks: Difference between revisions

From Open-Xchange
No edit summary
Line 5: Line 5:


== Description ==
== Description ==
The package open-xchange-easylogin provides a servlet which expects a user name and password via GET or POST. For security reasons, GET is disabled by default and can be turned on via configuration.
The package open-xchange-easylogin provides a servlet which expects a user name and password via HTTP GET or POST. For security reasons, GET is disabled by default but can be turned on via configuration. With that information the servlet generates java code that is then executed in the users browser so that the user gets automatically logged in to the Open-Xchange application.


=== Installation ===
=== Installation ===

Revision as of 17:40, 30 March 2009

Open-Xchange servlet for external login masks

who should read this document

This document is written for web developers who would like to create a custom login mask for the Open-Xchange server which also can reside on an external server (not directly located in the domain of the Open-Xchange machines) or administrators who install and maintain Open-Xchange machines.

Description

The package open-xchange-easylogin provides a servlet which expects a user name and password via HTTP GET or POST. For security reasons, GET is disabled by default but can be turned on via configuration. With that information the servlet generates java code that is then executed in the users browser so that the user gets automatically logged in to the Open-Xchange application.

Installation

The package open-xchange-easylogin, available in the CommunitySoftwareRepositories , needs to be installed using the operation system toos for package maintaining (e.g. dpkg, rpm). After installation, the groupware process has to be restarted:

/etc/init.d/open-xchange restart

Configuration

Configuration file is:

/opt/open-xchange/etc/groupware/easylogin.properties

following configuration options are available (the groupware must be restarted to make changes effective):

# easylogin configuration file

# GET/POST variable name for the password
com.openexchange.easylogin.passwordPara = password 

# GET/POST variable name for the login name
com.openexchange.easylogin.loginPara = login 

# AJAX root path on the Open-Xchange server 
# do not change unless you know what you are doing
com.openexchange.easylogin.AJAX_ROOT = /ajax

# the relative path to the Open-Xchange GUI
com.openexchange.easylogin.OX_PATH_RELATIVE = ../

# enable GET for the servlet 
# possible parameters: true/false
com.openexchange.easylogin.doGetEnabled = true

Example

html form examples for a custom login mask (for security reasons POST should be used):

 <html>
 <body>

 <h1>Login via POST:</h1>
 <form action="http://ox-server/servlet/easylogin" method="POST">
     <p>
     <label for="login">Username: </label>
               <input type="text" name="login" id="login"><br>
     <label for="password">Password:  </label>
               <input type="password" name="password" id="password"><br><br>
     <input type="submit" value="POST login">
     </p>
  </form>
 
  <h1>Login via GET:</h1>
  <form action="http://ox-server/servlet/easylogin" method="GET">
     <p>
     <label for="login">Username: </label>
               <input type="text" name="login" id="login"><br>
     <label for="password">Password:  </label>
               <input type="password" name="password" id="password"><br><br>
     <input type="submit" value="GET login">
     </p>
  </form>
 
  </body>
 </html>