[horde] Not clearing cookies on logout after changing Password (horde 5.1.1 & passwd 5.0.0)?

Andy Dorman adorman at ironicdesign.com
Wed Jul 31 22:34:51 UTC 2013


I think I know what the problem is...however I do not know if the cause 
is something I have mis-configured or is an actual bug...I will happily 
file a bug report if this is not something silly I have missed.

At the moment my /etc/horde/passwd/backends.local.php has

$backends['ldap'] = array(
     'disabled' => false,
     'driver' => 'ldap',
     'logout' => true,
...

And I am not sure it matters, but horde config has

$conf['auth']['redirect_on_logout'] = false;
$conf['auth']['driver'] = 'ldap';

When I change my password, the password is changed as it should be and I 
am redirected to

/login.php?url=http%3A%2F%2Fbeta.mail.comehome.net%2Fpasswd%2F&horde_logout_token=GgBd9tNLi4biDUXg49qhuA2&logout_reason=5&logout_msg=Your%20password%20has%20been%20succesfully%20changed.%20You%20need%20to%20re-login%20to%20the%20system%20with%20your%20new%20password.

Except when I get here, I get the error at the end of this email on my 
web page.

I can easily FIX this by clearing out my cookies for this domain and 
reloading the URL...then I get the proper login form and the note at the 
top about logging in again after changing my password.

So it appears to me that whatever should be clearing my browser cookies 
is not doing it...OR...is there a config setting I am missing?

Thanks for any ideas you may have.

=== error page after changing password, resolved by clearing cookies ===
A fatal error has occurred
Bind failed: Invalid credentials

1. Horde_Registry->isAuthenticated() /usr/share/horde/login.php:62
2. Horde_Registry->checkExistingAuth() 
/usr/share/php/Horde/Registry.php:2149
3. Horde_Core_Factory_Auth->create() /usr/share/php/Horde/Registry.php:2512
4. Horde_Core_Factory_Auth->_create() 
/usr/share/php/Horde/Core/Factory/Auth.php:61
5. Horde_Core_Factory_Ldap->create() 
/usr/share/php/Horde/Core/Factory/Auth.php:165
6. Horde_Ldap->bind() /usr/share/php/Horde/Core/Factory/Ldap.php:79

Details
The full error message is logged in Horde's log file, and is shown below 
only to administrators. Non-administrative users will not see error details.

Horde_Ldap_Exception Object
(
     [details] =>
     [logged] => 1
     [_logLevel:protected] => 0
     [message:protected] => Bind failed: Invalid credentials
     [string:Exception:private] =>
     [code:protected] => 49
     [file:protected] => /usr/share/php/Horde/Ldap.php
     [line:protected] => 247
     [trace:Exception:private] => Array
         (
             [0] => Array
                 (
                     [file] => /usr/share/php/Horde/Core/Factory/Ldap.php
                     [line] => 79
                     [function] => bind
                     [class] => Horde_Ldap
                     [type] => ->
                     [args] => Array
                         (
                             [0] => 
uid=andydorman at comehome.net,ou=addresses,o=antespam.com
                             [1] => oldpassword
                         )

                 )

             [1] => Array
                 (
                     [file] => /usr/share/php/Horde/Core/Factory/Auth.php
                     [line] => 165
                     [function] => create
                     [class] => Horde_Core_Factory_Ldap
                     [type] => ->
                     [args] => Array
                         (
                             [0] => horde
                             [1] => auth
                         )

                 )

             [2] => Array
                 (
                     [file] => /usr/share/php/Horde/Core/Factory/Auth.php
                     [line] => 61
                     [function] => _create
                     [class] => Horde_Core_Factory_Auth
                     [type] => ->
                     [args] => Array
                         (
                             [0] => ldap
                         )

                 )

             [3] => Array
                 (
                     [file] => /usr/share/php/Horde/Registry.php
                     [line] => 2512
                     [function] => create
                     [class] => Horde_Core_Factory_Auth
                     [type] => ->
                     [args] => Array
                         (
                         )

                 )

             [4] => Array
                 (
                     [file] => /usr/share/php/Horde/Registry.php
                     [line] => 2149
                     [function] => checkExistingAuth
                     [class] => Horde_Registry
                     [type] => ->
                     [args] => Array
                         (
                             [0] => horde
                         )

                 )

             [5] => Array
                 (
                     [file] => /usr/share/horde/login.php
                     [line] => 62
                     [function] => isAuthenticated
                     [class] => Horde_Registry
                     [type] => ->
                     [args] => Array
                         (
                         )

                 )

         )

     [previous:Exception:private] =>
)



-- 
Andy Dorman
FanMail.com
Ironic Design, Inc.
AnteSpam.com, HomeFreeMail.com, ComeHome.net

CONFIDENTIALITY NOTICE: This message is for the named person's use only. 
It may contain confidential, proprietary or legally privileged 
information. No confidentiality or privilege is waived or lost by any 
erroneous transmission. If you receive this message in error, please 
immediately destroy it and notify the sender. You must not, directly or 
indirectly, use, disclose, distribute, or copy any part of this message 
if you are not the intended recipient.



More information about the horde mailing list