I have another app, that has a very poor user login method in it currently.

We're planning on integrating Zimbra into the mix as the perfect email/calendaring solution.

So how can I leverage Zimbra's LDAP, or SSO capabilities to interface with our application.

Scenario One:
1) user logs into our app, it authenticates against zimbra (LDAP?)
2) user changes his password in our app, how do we do that through to zimbra?

Scenario Two:
1) User logs into zimbra, changes password, no problem.
2) Enable a custom button on the zimbra interface to open a new window back to our app.

Scenario Three:
1) we keep the current user validation method, but need to change the password in two places, zimbra, and our app.
2) How do we tell zimbra that when a password change is made on that side, to envoke a script in our app.

Other thoughts and ideas?