[horde] Can't start a second horde session?
Jan Schneider
jan at horde.org
Thu Aug 3 23:50:33 PDT 2006
Zitat von Kevin Konowalec <kevin at ualberta.net>:
> Using Horde 3.1.2. Here's the scenario: You open up a browser
> window and go to https://www.myserver.com/. Imp has been set as the
> initial Horde application and the webroots for horde and imp are
> set to '/horde/ and ' ' respectively in horde/config/registry.php.
> You get to the login page and can login as usual. You then open a
> second browser window and go to the same URL. Only this time the
> URL immediately redirects to
> https://www.myserver.com/mailbox.php?page=1. Interestingly enough
> it seems to not be in the same frameset as the sidebar is not on the
> page with the second instance at all.
Yes, of course, because you're accessing IMP if you go to
https://www.myserver.com/, not Horde.
> This is unexpected behavior as the older version I had been running
> would bring you back to the login page and let you start another
> session (perhaps using a different ID... some of our users are
> responsible for several different email accounts and like each one
> in a different browser window). Ultimately it doesn't make a lot of
> sense to be able to hijack a session just by opening another
> instance of the browser.
You are using cookies now which obviously didn't work in your old
setup. No idea what this has to do with session hijacking though.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
More information about the horde
mailing list