Connecting the Kolab Webclient with ownCloud
ATTENTION: this is just a proof-of-concept and should not yet be considered for production use.
This plugin integrates ownCloud into the Roundcube web UI using iframes. Beside giving the user one single location to log-in and get access to all his/her data, the integration should also allow one to pick files from ownCloud when sending email messages and to store email attachments directly to the cloud.
The Source Code is freely available under a Free Software license (AGPLv3).
How it works
The plugin embeds the web UI for ownCloud though an iframe into the Roundcube user interface. When accessing ownCloud though Roundcube, the user's login credentials (username + password) will be handed over to ownCloud in order to automatically authenticate the current Roundcube user to ownCloud. This exchange happens with HTTP requests directley between the ownCloud server and the Roundcube server using signed URLs to prevent from interception.
IMPORTANT: The automatic user authentication only works if both apps use the same authentication backend. In the Kolab realm this is LDAP. You therefore need to configure the LDAP user authentication backend in ownCloud.
Once authenticated, the user sees the ownCloud file manager within Roundcube and can do whether he/she is authorized to do. When composing a new email message in Roundcube, an addition button appear to select files from the ownCloud storage. (this feature is not yet fully implemented).
When terminating the session in Roundcube by pressing the Logout button, an according message is sent to ownCloud to terminate the user's session there, too.
- Roundcube version 0.9-beta or higher
- ownCloud version 4.5 or higher, but not ownCloud 5
- both apps running on the same host (due to browser's XSS protection)
- both IMAP and ownCloud authenticate users on the same backend
Install this plugin in Roundcube and enable it. Rsync the contents of the copy_to_owncloud folder to the ownCloud installation. This will add a new app named "kolab_auth" and a theme "kolab" to ownCloud.
Copy the config.inc.php.dist file to config.inc.php in Roundcube's owncloud plugin directory. Then edit the file and set the absolute URL where ownCloud is accessible and define a secret string for the authentication credential exchange between the two systems.
Add the following lines to the ownCloud config array:
'theme' => 'kolab', 'kolaburl' => '<url-to-roundcube>', 'kolabsecret' => '<shared-secret-string>',
The value for 'kolabsecret' has to match the 'owncloud_secret' string in the Roundcube owncloud plugin configuration.
Log-in to ownCloud as an administrator and enable the kolab_auth app.