[Tickets #10272] Re: No HTTP_Auth when accessing users *.ics file
bugs at horde.org
bugs at horde.org
Sat Oct 15 10:52:52 UTC 2011
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/10272
------------------------------------------------------------------------------
Ticket | 10272
Updated By | Jan Schneider <jan at horde.org>
Summary | No HTTP_Auth when accessing users *.ics file
Queue | Kronolith
Version | Git master
Type | Bug
State | Feedback
Priority | 2. Medium
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2011-10-15 12:52) wrote:
> I don't understand, why you check for a valid authentication even
> before sending the HTTP_Auth header. I would suggest checking for
> empty(null passwords) in _check_auth() before handling it with
> checkAuth or check_auth().
Because the client is sending two requests during authentication, one
without the credentials, which we reply with an authentication
request. Next time the client request will include the credentials, so
we need to check them before sending an authentication request again.
Otherwise the client would never be able to authenticate successfully.
More information about the bugs
mailing list