Quote:
Originally Posted by anuradha_mihsra  a) How can we turn off features in the zimbra client that our server doesn't support? (for example Documents) |
When you're returning the
GetInfo response, make sure to hardcode the
zimbraFeatureNotebookEnabled attr to
FALSE.
Quote:
Originally Posted by anuradha_mihsra b) How can we change the look and feel of the zimbra client? |
The Zimbra AJAX client has a model-view-controller architecture broken down by feature. Depending on how much you need to alter, you may have to change 1, 2, or all 3 for a feature to get your changes to work.
Note that you must comply with the attribution clauses of the ZPL license.
Quote:
Originally Posted by anuradha_mihsra c) How can I use Zimlets? I need to pass the relevant information in the GetInfo request. How can I install the zimlets alone (w/o installing zimbra server)? |
You're on your own with this one. Zimlets are installed on the Zimbra server -- if you want to do it without the Zimbra server, you've got to roll your own solution.
Quote:
Originally Posted by anuradha_mihsra d) How easy would it be to add a new feature to the zimbra web client? |
Get a good grip on the Zimbra client architecture and you'll have a decent idea of how hard this will be. It's not trivial, but it's clearly possible.
Quote:
Originally Posted by anuradha_mihsra e) How secure is the data that is sent over the wire from client end to the server? Is the SOAP envelope sent comply with the standards? I find that I can view the user name and password sent in the SOAP request through Firebug. Doesnt sound safe to me! |
Zimbra allows you to force login over SSL, which provides the security layer that you're missing. You'll have to do the HTTP/HTTPS server-side redirect magic yourself.
The requests are valid SOAP 1.2, as best I know.
Bugzilla
Wiki
Source
SOAP messages and Security 
Linear Mode
