[dev] Horde authentication broken
Roel Gloudemans
roel at gloudemans.info
Sun Sep 5 04:05:18 PDT 2004
I don't yet know why, but the following line in Secret.php causes the problem:
(function setKey under else from the first if statement)
$key = $_COOKIE[$keyname . '_key'] = session_id();
if it's changed to:
$key = session_id();
There's no problem. A smae construction exists within getKey. I use Horde for
authentication (not imp). Accounts are stored in LDAP, settings in mySQL
database. With Secret.php as current I see a "log in" link in het imp block on
the portal page. If it's clicked imp goes into an endless loop between
redirect.php and login.php. When login calls redirect with autologin=1
redirect
can't get the user password. It's always empty. Redirect then swithes back to
login.php.
I don't (yet) understand why $_COOKIE is set at all, since the cookie
has yet to
be created in on the client side. (And why it interferes)
Cheers,
Roel.
> Quoting Roel Gloudemans <roel at gloudemans.info>:
>
>> Last change of framework/Secret/Secret.php broke something. When
>> using LDAP for authentication, both imp and gollem are inaccessible.
>> I think they cannot
>> retieve the password anymore.
>
> You're going to have to either be more specific or debug some, since I'm not
> seeing this (and apparently none of the other developers are either).
>
> -chuck
>
> --
> "Regard my poor demoralized mule!" - Juan Valdez
>
> --
> Horde developers mailing list - Join the hunt: http://horde.org/bounties/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: dev-unsubscribe at lists.horde.org
----- End message from chuck at horde.org -----
More information about the dev
mailing list