[horde] Autologin into Horde
Michael Wisniewski
wisniewski at mwiz.org
Mon Apr 15 15:39:55 UTC 2013
Quoting Jan Schneider <jan at horde.org>:
> Zitat von Michael Wisniewski <wisniewski at mwiz.org>:
>
>> I understand there's security risks with automatic login with
>> Horde, but how can this be accomplished? I've tried to set the
>> session settings timeout to something large (8640000), set the path
>> to my webserver path (/webmail/), but everytime I close my browser,
>> it continues to prompt me to login. I also changed the maxlifetime
>> of the cookies in my php.ini to 8640000.
>>
>> Is there something else I should be changing? Is there an easier
>> way to accomplish this?
>>
>> Thanks!
>
> Looks like this was disabled with this commit:
> https://github.com/horde/horde/commit/2bbd679136963508713b2868bfd6d3f6967773bb
>
> I think Michael only thought of the timeout to be a setting to
> *limit* the cookie lifetime below the browser session duration, not
> to *extend* it beyond that.
> --
Ah, OK. I started using Horde about a month or two ago, so I'm still
trying to catch up with the history of it. I know the devs don't want
people to use auto-logon after the browser closes, but almost every
web site out there has a checkbox to allow it.
Thank you for the response and information to the code.
More information about the horde
mailing list