I've been testing Roundcube 0.4.2 as a replacement for our now-decrepit Squirrelmail 1.4.17 Webmail. I've been extremely impressed so far. It does natively or there is a plugin for almost everything I can think of. It acts so much like an application that I found myself angry that I couldn't dynamically resize the Subject/From/Date columns in the folder view. It had tricked me so much into thinking it was a native app that when the illusion broke I was actually confused.
Only one plugin has given me trouble so far, and that's the CAS plugin. For those who aren't familiar with CAS, it is an open-source Central Authentication System that many campuses are using these days for their portals. The benefits to us for using CAS for Roundcube in addition to our portal would be that users only have to sign in once and they can access either Roundcube or the portal without needing to authn again (as long as their cookie/session on the CAS server is still good). We've been trying to convert as many open-source login pages as we can to use CAS.
The problem is perhaps best described here:
http://code.google.com/p/rc-cas-plugin/issues/detail?id=1
Basically even if you do everything right, you will get a redirect loop because somewhere between the version of Roundcube this plugin was written for and 0.4.2, the code to kill/regenerate the PHP session changed. I made some comments in that ticket that include what I was able to do in order to actually log in (comment out a call to kill_session()) but that is not a very clean solution, and it doesn't solve the problem of users logging in from a different browser or IP. Really, this plugin needs work.
Hopefully this helps someone or helps remind me what the problem was should I find the time to work on fixing this plugin.
Thanks for info.
ReplyDelete