[Tickets #3386] logouts due to imp_key cookie timeouts.

bugs@bugs.horde.org bugs at bugs.horde.org
Wed Feb 1 19:34:15 PST 2006


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/?id=3386
-----------------------------------------------------------------------
 Ticket             | 3386
 Updated By         | mike.ryan at tufts.edu
 Summary            | logouts due to imp_key cookie timeouts.
 Queue              | Horde Framework Packages
 Version            | FRAMEWORK_3
 State              | Unconfirmed
 Priority           | 1. Low
 Type               | Bug
 Owners             | 
+New Attachment     | imp.patch
-----------------------------------------------------------------------


mike.ryan at tufts.edu (2006-02-01 19:34) wrote:

another patch to make imp authentication more resilient against disappearing
cookies, due to timeouts or browser "quirks".  this will recover the
password from the horde credentials if possible, or invalidate the session
if the horde credentials can't be decrypted.  this gives the user a session
error instead of a login error, which may be less alarming, and prevents the
failed IMAP login, which takes time (10 to 15 seconds in our case) and
leaves ugly log entries both on the horde/imp server and the imap server.

i'm really not sure this is a good idea, but again, it seems to work for me.




More information about the bugs mailing list