Autologin fails in 0.7

[SKaero]

I am experiencing exactly the same issue as you, and followed all the steps here, unfortunately there's no solution. Still, the rest of the plugins work fine for me (fail2ban, google_ads, and others)

The strange thing is that I can see in the errors file for every time i try the autologon this:

Code: [Select]

[27-Jun-2012 11:11:34 +0200]: PHP Error: No handler found for action plugin.wrapper in /var/www/webmail.example.com/program/include/rcube_plugin_api.php on line 300 (GET /?_task=mail&_default_width=1000&_screen_width=806&_action=plugin.wrapper)

Your getting errors form another plugin, try disabling all other plugins and test just the autologin plugin.

[ASeques]

Ok, the plugin that caused the log errors was google_ads. Still, it seems that the problem persists afterwards
After all I still cannot yet login.

I have been trying on a ubuntu server 10.10 with php 5.3.2, I will try on another server with debian squeeze to see if it could be related.

[ASeques]

Finally got the solution, it seems that the parameters were incorrect. That's what I found in my case.

We are passing via POST the variables:
  _user,_host,_pass

In my case I passed _host=localhost and in main.inc.php I had 127.0.0.1

In the file program/include/rcmail.php there is this code that validates the default_host, since '127.0.0.1' is different from 'localhost' it simply fails.
It would be much better if it gave a proper error message.

Code: [Select]

    // Validate that selected host is in the list of configured hosts
    if (is_array($config['default_host'])) {
      $allowed = false;
      foreach ($config['default_host'] as $key => $host_allowed) {
        if (!is_numeric($key))
          $host_allowed = $key;
        if ($host == $host_allowed) {
          $allowed = true;
          break;
        }
      }
I am trying to prepare a patch so the users with problems get notified, but meanwhile you know my solution.

[ASeques]

The bug report was http://trac.roundcube.net/ticket/1488550 and has been fixed only after a couple of days in https://github.com/roundcube/roundcubemail/commit/7c8fd8031038e7958ef4dbb059e86decd6fefa28

Amazing support !

[bhargavpandya]

I am Still facing problem.. Your session is in valid or expired..
My autologon script is as under

<!DOCTYPE html>
<html>
<head>
</head>
<body>
<?
$_POST['password'] = 'test@123';
$_SESSION['userpassword'] = strrev(base64_encode('1234'.$_POST
['password']));
?>
<form name="roundcubelogin" action="http://ns2.ctns.info/rcube/?_task=mail" method="post" target="rcube">
<input type="hidden" name="_timezone" value="_default_" />
<input type="hidden" name="_task" value="mail" />
<input type="hidden" name="_autologin" value="1" />
<input type="text" name="_user" value="test@test.com" />
<input type="password" name="_pass" value="<?echo $_SESSION['userpassword']?>" />
<input type="submit" name="submit" value="SUBMIT" />
</form>
</body>
</html>

user ID and passwordd changed..

My Autologin.php Plugin is as follows

<?php

/**
 * This plugin performs an automatic login if accessed
 * with post Data from other Site an Portal or CMS
 * Based on sample autologon PlugIn
 *
 * @version 0.2
 * @author Eric Appelt (lacri)
 *
 * show into README to install and config
 *
 * changes
 * 0.2 make a little bit secure with base64_encode strrev
 * and a key thats replace after submitting encoded pass data
 *
 */

class autologin extends rcube_plugin
{

  function init()
  {
    $this->add_hook('startup', array($this, 'startup'));
    $this->add_hook('authenticate', array($this, 'authenticate'));
  }

  function startup($args)
  {
    $rcmail = rcmail::get_instance();

    $autologin = get_input_value('_autologin', RCUBE_INPUT_POST);

    // change action to login
    if ($args['task'] == 'mail' && empty($args['action']) && empty($_SESSION['user_id']) && !empty($autologin)) {
      $args['action'] = 'login';

      // decode pass, revert and replace key
         $_POST['_pass'] = str_replace('1234','',base64_decode(strrev(get_input_value('_pass', RCUBE_INPUT_POST, true, 'ISO-8859-1'))));

      // set initial cookie without this cookie login is not possible
      $_COOKIE['roundcube_sessid'] = session_id();
    }
    return $args;
  }

  function authenticate($args)
  {
    $autologin = get_input_value('_autologin', RCUBE_INPUT_POST);

    if (!empty($autologin)) {
      $args['user'] = get_input_value('_user', RCUBE_INPUT_POST);
      $args['pass'] = get_input_value('_pass', RCUBE_INPUT_POST);
      $args['host'] = 'localhost';
      $args['cookiecheck'] = false;
      $args['valid'] = true;

    }
    die('<pre>'. print_r($args, true));
    return $args;
  }
}


Hope someone can really help... I need this working desperately.. I am using Windows Platform with Hmailserver and roundcube..

This is what i get in my session logs

[07-Jul-2012 04:16:35 +0530]: Aborted session nuuu14r3a0on62njgns8g356g1; no valid session data found


Regards

[SKaero]

You don't need the "$_COOKIE['roundcube_sessid'] = session_id();" line.