[Tickets #12271] Re: gollem ftp login performed while not needed
noreply at bugs.horde.org
noreply at bugs.horde.org
Fri May 24 04:56:56 UTC 2013
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/12271
------------------------------------------------------------------------------
Ticket | 12271
Updated By | Michael Slusarz <slusarz at horde.org>
Summary | gollem ftp login performed while not needed
Queue | Horde Groupware Webmail Edition
Version | 5.0.4
Type | Bug
State | Unconfirmed
Priority | 3. High
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
Michael Slusarz <slusarz at horde.org> (2013-05-23 22:56) wrote:
> Until now application permissions, although defined, are not checked.
This doesn't sound right.
transparent authentication shouldn't require any application
permission checks, since transparent auth does not require a user and,
therefore, permission checks may be impossible.
Example: gollem might have no permissions for guest users. But
transparent authentication is setup so that, if connecting from a
certain IP address, the user is automatically logged in. Obviously,
we can't check for application permissions here or else transparent
authentication would never occur.
Seems to me that if you are seeing multiple failing transparent
authentication requests to gollem, either 1) your config is wrong or
2) gollem's transparent authentication is incorrect. But I don't see
any issue here with the registry's handling of authentication (maybe
an optimization - failing authentication requests in a session can be
cached - but that's not a bug).
More information about the bugs
mailing list