[horde] RE : Login problems with Horde/IMP

Jan Schneider jan at horde.org
Thu Jul 20 04:28:03 PDT 2006


Zitat von Thibault Le Meur <Thibault.LeMeur at supelec.fr>:

>
>>
>> I tried both in IE, and in Seamonkey. Both accept cookies
>> just fine. I even tried deleting the cookie from Seamonkey,
>> and trying again. The cookie got set right after login.
>>
>> PHP's configuration is good, 3.1.1 works fine with it, as
>> well as a number of other applications that use cookies.
>> Apache's config is straight from the box, as Suse 10 installs
>> it, and Horde's config is as minimal as possible. Storage,
>> preferences / datatree drivers are selected, and that's about it.
>>
>> This is definitely a problem in the code somewhere, as a
>> switch to 3.1.1 from 3.1.2 solves the problem, with the same
>> configuration of PHP / Apache, and the same settings selected
>> in Horde's administration interface.
>
> Since the configuration file from 3.1.1 has changed a bit, you can't say
> you're using the same ;-)
>
>> No, looks like your configuration is wrong. Or your browser isn't
>> accepting cookies.
>>
>> Jan.
>
> Well, maybe the browser gets the cookie but the cookie domain isn't the one
> expected. For instance with the new horde 2.1.2 I can't log on
> https://mywebmail but I can log on https://mywebmail.myorg.org

Because browsers don't accept cookies from not fully qualified domain  
names. This has nothing to do with Horde.

> Jochem, if your webmail is available vi an http (not https) link, can you
> use a sniffer in order to check what is the cookie domain/path ?
>
> If using https, you may have to use a local http/https proxy: such as
> http://www.mavensecurity.com/achilles in order to intercept the cookie
> domain/path.
>
> In fact the solution might be to tune the General settings of horde "What
> domain should we set cookies from?".

Or, even more likely, the cookie path.

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/


More information about the horde mailing list