Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » HTTPS and webforwards
  •  
ambrotos

Messages: 4
Karma: 0
Send a private message to this user
I'm having an odd problem ever since upgrading to Kerio 6.7 patch 1.

I've disabled the HTTP protocol because I want all webmail to be accessed via HTTPS. Then, in my DNS I've created a simple frame-based "cloaked" webforward which forwards http://webmail.mydomain.com to https://mydomain.com.

The problem is this: if I access https://mydomain.com directly everything works fine. Similarly, if I access http://webmail.mydomain.com, it will open up https://mydomain.com as expected within a frame. The difference here is that the login page will default to webmail-mini and not give me the option to select full. This occurs regardless of browser (Firefox 3.5, IE 8.0, Opera 9).

Can anyone shed some light on this? Why didn't it do this before the upgrade? I was running 6.6.2 beforehand. Has something changed in the way that full/mini requirements are detected in the intervening versions?

The address/title "cloaking" I'm using is just a rediculously simple page which opens the target within a frame, as below:

<HTML><HEAD>
<META NAME="description" CONTENT="domain.com">
<META NAME="keywords" CONTENT="">
</HEAD>
<FRAMESET border=0 rows="100%,*" frameborder="no" marginleft=0 margintop=0 marginright=0 marginbottom=0>
<frame src="https://domain.com" scrolling=auto frameborder="no" border=0 noresize>
<frame topmargin="0" marginwidth=0 scrolling=no marginheight=0 frameborder="no" border=0 noresize>
</FRAMESET>
</HTML>


Any help would be appreciated,

-A
  •  
roly

Messages: 47
Karma: -3
Send a private message to this user
Crying or Very Sad hello

.. is java-script enabled ?

bye from very raining ch, roly
  •  
ambrotos

Messages: 4
Karma: 0
Send a private message to this user
Yup, javascript is enabled. As I said, if I go to https://domain.com directly, everything works properly. If javascript were disabled, then full webmail wouldn't work regardless of whether I used the webforward or surfed there directly.

-A
  •  
anthony.somerset

Messages: 144

Karma: 0
Send a private message to this user
i noticed this error when i tried to include the login form on an intranet page, i think that this is purely due to the login page scripts not being able to pick up your connection info directly as its not loading the page directly, therefore it plays safe and defaults to mini

you have a couple of options...

1. use a non frame based forward that then calls the webmail page direct

2. write your own html based form at webmail.domain.com (instead of forward) that submits to the ssl webmail login and either have the options or do some javascript detection like the webmail login page does

the downside of these options is that the address bar will then go to https://webmail..... which is not all in all a bad thing, its just down to personal preference

Mac Xserve Intel - 2x 2.7GHz Dual Core Xeon
Leopard 10.5.8
4GB Ram
1.25 TB HDD Raid 5
Kerio 6.7.1
~60 Users (varying windows and mac Exchange or IMAP)
18 iPhones
  •  
ambrotos

Messages: 4
Karma: 0
Send a private message to this user
Well, it's good to hear I'm not the only one who's seen this issue. I had indeed considered either writing my own login page, or perhaps even modifying the dologin.php script slightly to default to full instead of mini. However in the end I decided it wasn't really worth it. As you said, it's really just a matter of preference. I was hoping that someone else might have encountered this and found a simple workaround.

Does anyone know whether the developers are already aware of this quirk, and whether there are any plans on addressing it in future builds? If it's not officially considered an issue, I'd be interested to know what changed between 6.2.2 and 6.7P1 to introduce this.

-A
  •  
anthony.somerset

Messages: 144

Karma: 0
Send a private message to this user
i think as you have jumped a significant amount, the scripts are likely to have changed a lot and also web technologies will have done too HTML css PHP etc etc

previous methods of browser detection may have been not as high performance as now hence possible changes. it doesnt take 2 minutes to knock up a HTML form to enter you into your webmail, its all i ended up doing, my next step is passing the login info from the intranet system into the webmail form so there isnt the need for multiple logins as they use the same LDAP database anyway....

Mac Xserve Intel - 2x 2.7GHz Dual Core Xeon
Leopard 10.5.8
4GB Ram
1.25 TB HDD Raid 5
Kerio 6.7.1
~60 Users (varying windows and mac Exchange or IMAP)
18 iPhones
Previous Topic: sharing calendar
Next Topic: Signature for different user in Outlook 2003
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 17 18:42:00 CET 2017

Total time taken to generate the page: 0.00433 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.