[Tickets #9085] Transparent authentication not clearing the session
bugs at horde.org
bugs at horde.org
Tue Jun 8 23:27:55 UTC 2010
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/9085
------------------------------------------------------------------------------
Ticket | 9085
Created By | Jan Schneider <jan at horde.org>
Summary | Transparent authentication not clearing the session
Queue | Horde Framework Packages
Version | Git master
Type | Bug
State | Unconfirmed
Priority | 3. High
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2010-06-08 19:27) wrote:
When authenticating a user through transparent authentication,
getCleanSession() is not called, making the session vulnerable to
session fixation and other side-effects.
More information about the bugs
mailing list