[Tickets #12271] Re: gollem ftp login performed while not needed

noreply at bugs.horde.org noreply at bugs.horde.org
Fri May 24 04:56:56 UTC 2013


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/12271
------------------------------------------------------------------------------
  Ticket             | 12271
  Updated By         | Michael Slusarz <slusarz at horde.org>
  Summary            | gollem ftp login performed while not needed
  Queue              | Horde Groupware Webmail Edition
  Version            | 5.0.4
  Type               | Bug
  State              | Unconfirmed
  Priority           | 3. High
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


Michael Slusarz <slusarz at horde.org> (2013-05-23 22:56) wrote:

> Until now application permissions, although defined, are not checked.

This doesn't sound right.

transparent authentication shouldn't require any application  
permission checks, since transparent auth does not require a user and,  
therefore, permission checks may be impossible.

Example: gollem might have no permissions for guest users.  But  
transparent authentication is setup so that, if connecting from a  
certain IP address, the user is automatically logged in.  Obviously,  
we can't check for application permissions here or else transparent  
authentication would never occur.

Seems to me that if you are seeing multiple failing transparent  
authentication requests to gollem, either 1) your config is wrong or  
2) gollem's transparent authentication is incorrect.  But I don't see  
any issue here with the registry's handling of authentication (maybe  
an optimization - failing authentication requests in a session can be  
cached - but that's not a bug).





More information about the bugs mailing list