[Tickets #8842] Re: Authentication requested in noauth situations
bugs at horde.org
bugs at horde.org
Tue Mar 2 17:46:34 UTC 2010
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/8842
------------------------------------------------------------------------------
Ticket | 8842
Updated By | Jan Schneider <jan at horde.org>
Summary | Authentication requested in noauth situations
Queue | Horde Framework Packages
Version | Git master
Type | Bug
State | Assigned
Priority | 2. Medium
Milestone |
Patch |
Owners | Michael Slusarz
------------------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2010-03-02 12:46) wrote:
I tried to further track this down today, and this is what I found.
This only only happens when using hordeauth in IMP because:
- The alarms script queries all applications whether they have a
listAlarms() method
- that calls Horde_Registry#hasPermission()
- that calls Horde_Auth::isAuthenticated()
- that calls Horde_Auth#transparent()
- that tries to authenticate with the non-existant Horde credentials
when using hordeauth in IMP
I think there are several faults, at least:
- Transparent authentication in an application shouldn't be tried if
there is no Horde authentication
- The authentication exception from the Horde_Imap_Client instance has
to be catched somewhere so that transparent() actually returns false.
More information about the bugs
mailing list