[prev in list] [next in list] [prev in thread] [next in thread]
List: kolab-format
Subject: Re: Autconfiguration for kolabclient
From: Christian Mollekopf <mollekopf () kolabsys ! com>
Date: 2014-06-20 12:21:44
Message-ID: 3931698.7PYhuIhsXi () t420s ! chrigi
[Download RAW message or body]
On Wednesday 04 June 2014 11.56:57 Sandro Knauß wrote:
> Hey,
>
> for beeing able to auto configure the client, we should create a file at the
> server to get most settings for the client. As base I used the Thunderbird
> autoconfig file [1].
>
> I added additional xml tags for ldapserver, freebusy and identities.
>
> Some questions:
> * should the file
> <http://example.com/.well-known/autoconfig/mail/config-v1.1.xml> be
> extended? pro: thunderbird can using the email part as well
> * the identity part isn't defined in hunderbird autoconf [1], do you know
> any configuration for that tag?
>
> Different modes:
> * requesting the file with auth basic -> fill out password etc.
> * without login data -> return the file with %PASSWORD%, %USER%,...
>
> Using other urlpaths:
> http://example.com/.well-known/autoconfig/kolab-v1.0.xml
> or split everypart into an own file:
> http://example.com/.well-known/autoconfig/ldap/config-v1.0.xml
> http://example.com/.well-known/autoconfig/freebusy/config-v1.0.xml
> http://example.com/.well-known/autoconfig/kolab/config-v1.0.xml
> would be only a xmlfile that refers to the other parts.
>
To get to a conclusion here, I'll line out what I think about it:
== What is autoconfig ==
Autoconfig is a mechanism for automatic discovery of servers/services and for
preseeding deployment specific configuration data.
== What should it include ==
* discovery of imap/smtp server including default configuration
* discovery of ldap server including default configuration
* discovery of freebusy provider including default configuration
All these services are in a deployment specific location and normally need to
be configured manually. Including those allows the client to automatically
setup the services. Non of these settings belong to kolab configuration files
that IMO should be used for your personal preferences, and not the deployment
specific default values.
The identity is IMO only a nice-to have for new setups because it allows an
organization to i.e. preseed a default signature, but it's not a requirement
or core-feature of autoconfig. If the kolab account is already setup-up the
identity should be read from the kolab configuration anyways.
== Open questions ==
* Do we need the default identity?
* Do we need to include credentials in the config?
If we need to provide credentials we need authenticated requests that allow
providing a personalized autoconfig file, otherwise we can use a static one (In
either case we can fallback from the personalized to the static one if not
available). I suppose we need to provide credentials if they cannot be guessed
from the provided email address and password that we have available.
== Proposal ==
I suggest we drop the default identity if we can (that just makes the whole
setup process more complex).
Otherwise I agree with sandro's proposal other than renaming the <freebusy>
tag to <freebusyProvider> and <ldapServer> to <ldapProvider>. I don't agree
they should be part of the <emailProvider> tag (or at least I don't see why).
If we need to provide credentials we'll go with the authenticated request,
otherwise with the static one.
Cheers,
Christian
["autoconfig.xml" (autoconfig.xml)]
<?xml version="1.0"?>
<clientConfig version="1.1">
<ldapProvider id="ldap.example.com">
<hostname>ldap.example.com</hostname>
<port>389</port>
<!--
"plain":
No encryption
"TLS":
Using TLS to connect server
"SSL":
Using SSL to connect to server -->
<socketType>plain</socketType>
<!--
"anonyoum":
Use anonyoum authentification
"simple":
Use simple authentification
"sasl":
Use sasl authentification -->
<authentication>simple</authentication>
<!-- not used for anoyoum authentification -->
<bindDn>cn=Directory Manager</bindDn>
<!-- not used for anoyoum authentification -->
<password>Welcome2KolabSystems</password>
<!-- sasl-mech is the SASL mechanism to login for SASL authentification -->
<sasl-mech />
<!-- only used for SASL -->
<username />
<!-- only used for SASL -->
<realm />
<!-- BaseDN (namingcontexts) of the ldapServer -->
<dn>dc=kolabsys,dc=com</dn>
<ldapVersion>3</ldapVersion>
<filter/>
<!-- value 1-9999999 (not setting is using default) -->
<pagesize />
<!-- value 1-9999999 (not setting is using default) -->
<timelimit />
<!-- value 1-9999999 (not setting is using default) -->
<sizelimit />
</ldapProvider>
<freebusyProvider id="freebusy.example.com">
<hostname>example.com<hostname>
<!--
"plain":
No encryption
"TLS":
Using TLS to connect server
"SSL":
Using SSL to connect to server -->
<socketType>plain</socketType>
<!--
"none":
No authentication
"basic":
Use simple authentication
<authentication>basic</authentication>
<username>user</username>
<password>pass</password>
<!-- path to the ifb file:
$EMAIL$:
will be replaced with the email for that a ifb is requested
$USER$:
will be replaced with the username of the ifb that is requested
-->
<path>/freebusy/$EMAIL$.ifb</path>
</freebusyProvider>
<emailProvider id="example.com">
<!-- for complete part see:
https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat
unfortunatelly I didn't found any configuration for the identity block,
so I designed one -->
<identity id="user@example.com">
<!-- default identity for this emailProvider, only setup if the account \
hasn't been configured yet--> <default>true</default>
<email>user@example.com</email>
<!-- could be omitted in a static config-->
<name>John Doe</name>
<organization>Kolab</organziation>
<!-- name and title could be omited in a static config, we would only \
provide a template--> <signature>$name
$title
Kolab Systems AG
Zürich, Switzerland
w: http://kolabsys.com</signature>
</identity>
</emailProvider>
</clientConfig>
_______________________________________________
format mailing list
format@lists.kolab.org
https://lists.kolab.org/mailman/listinfo/format
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic