Login: HTTP Authentication plugin for SquirrelMail
==================================================
Ver 2.0, 06/10/04

Original Author: Tyler Akins
Updated By: Paul Lesneiwski <pdontthink@angrynerds.com>



Description
===========

If you keep SquirrelMail behind a password-protected directory on your 
web server and if PHP has access to the username and password used by 
the web server, this plugin will bypass the login screen and use that 
username/password pair.  

Note that this means that you must keep your usernames and passwords
in synch between your web server's authentication file (typically 
.htpasswd for Apache) and your IMAP server!  If both username/password
stores do not contain the same information, your users will not be able
to log in without entering the two different sets of usernames and 
passwords!

If you have not password-protected your SquirrelMail directory, this
plugin will turn itself off, and logins will work as they normally do
using the SquirrelMail login page.



Help Requests
=============

Help requests are welcome at my personal email address, but I
request that you first post to the SquirrelMail Plugins mailing
list, where you'll get faster help from more people and other
people with the same problem will be able to see how your issue
was resolved.  If you don't get good answers that way, you may
try emailing me directly.

Info about the SquirrelMail Plugins mailing list can be found
on the SquirrelMail web site.  It is currently located at:

http://lists.sourceforge.net/mailman/listinfo/squirrelmail-plugins
squirrelmail-plugins@lists.sourceforge.net



Change Log
==========

  2.0 (06/10/04) -  Paul Lesneiwski <pdontthink@angrynerds.com>
   * Rewrote the whole plugin so that it works as a normal 
     plugin (as opposed to a bit of a hack)
   * If username/password pairs don't match, SquirrelMail's login
     page is correctly shown again
   * Conformance with SquirrelMail plugin requirements and 
     other cleanup

  1.1 - Removed serious security issue -- the password was being logged in the
        web server logs.

  1.0 - Initial version

