[Tickets #9085] Transparent authentication not clearing the session

bugs at horde.org bugs at horde.org
Tue Jun 8 23:27:55 UTC 2010


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/9085
------------------------------------------------------------------------------
  Ticket             | 9085
  Created By         | Jan Schneider <jan at horde.org>
  Summary            | Transparent authentication not clearing the session
  Queue              | Horde Framework Packages
  Version            | Git master
  Type               | Bug
  State              | Unconfirmed
  Priority           | 3. High
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


Jan Schneider <jan at horde.org> (2010-06-08 19:27) wrote:

When authenticating a user through transparent authentication,  
getCleanSession() is not called, making the session vulnerable to  
session fixation and other side-effects.






More information about the bugs mailing list