This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
web_интерфейс_к_почте [2023/06/30 06:34] val |
web_интерфейс_к_почте [2024/02/16 10:13] val [Roundcube] |
||
---|---|---|---|
Line 50: | Line 50: | ||
'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. | 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. | ||
- | 'base_dn' => 'ou=People,dc=corpX,dc=un', | + | // 'base_dn' => 'ou=People,dc=corpX,dc=un', |
- | //// 'base_dn' => 'cn=Users,dc=corpX,dc=un', | + | 'base_dn' => 'cn=Users,dc=corpX,dc=un', |
// 'base_dn' => 'dc=corpX,dc=un', | // 'base_dn' => 'dc=corpX,dc=un', | ||
- | // 'bind_dn' => 'cn=Administrator,cn=Users,dc=corpX,dc=un', | + | 'bind_dn' => 'cn=Administrator,cn=Users,dc=corpX,dc=un', |
- | // 'bind_pass' => 'Pa$$w0rd', | + | 'bind_pass' => 'Pa$$w0rd', |
'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' | 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' | ||
Line 109: | Line 109: | ||
* [[https://github-wiki-see.page/m/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2 - roundcube/roundcubemail Wiki]] | * [[https://github-wiki-see.page/m/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2 - roundcube/roundcubemail Wiki]] | ||
* [[https://github.com/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2]] | * [[https://github.com/roundcube/roundcubemail/wiki/Configuration:-OAuth2|Configuration: OAuth2]] | ||
+ | * [[https://www.roundcubeforum.net/index.php?topic=29984.0|[SOLVED] Keycloak and Roundcube problem]] | ||
+ | |||
+ | <code> | ||
+ | debian12# cat /var/lib/roundcube/config/config.inc.php | ||
+ | </code><code> | ||
+ | ... | ||
+ | $config['oauth_provider'] = 'generic'; | ||
+ | $config['oauth_provider_name'] = 'Keycloak corp13'; | ||
+ | $config['oauth_client_id'] = "any-client"; | ||
+ | $config['oauth_client_secret'] = "anystring"; | ||
+ | $config['oauth_auth_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/auth"; | ||
+ | $config['oauth_token_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token"; | ||
+ | $config['oauth_identity_uri'] = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo"; | ||
+ | $config['oauth_verify_peer'] = false; | ||
+ | $config['oauth_scope'] = "email profile openid"; | ||
+ | $config['oauth_auth_parameters'] = []; | ||
+ | $config['oauth_identity_fields'] = ['preferred_username']; | ||
+ | $config['oauth_login_redirect'] = false; | ||
+ | $config['login_password_maxlen'] = 4096; | ||
+ | </code><code> | ||
+ | debian12# cat /usr/share/roundcube/program/include/rcmail_oauth.php | ||
+ | </code><code> | ||
+ | ... | ||
+ | //$oauth_token_uri = $this->options['token_uri']; | ||
+ | //$oauth_client_id = $this->options['client_id']; | ||
+ | //$oauth_client_secret = $this->options['client_secret']; | ||
+ | //$oauth_identity_uri = $this->options['identity_uri']; | ||
+ | |||
+ | $oauth_token_uri = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/token"; | ||
+ | $oauth_client_id = "any-client"; | ||
+ | $oauth_client_secret = "anystring"; | ||
+ | $oauth_identity_uri = "https://keycloak.corp13.un/realms/corp13/protocol/openid-connect/userinfo"; | ||
+ | ... | ||
+ | </code> | ||
+ | |||
+ | * Сервер dovecot [[Сервер dovecot#OAuth аутентификация]] | ||
===== Дополнительные материалы ===== | ===== Дополнительные материалы ===== |