[imp] imp CVS, hordeauth / auto login and secure request token checker thing
Chuck Hagenbuch
chuck at horde.org
Fri Mar 7 23:17:26 UTC 2008
Quoting Liam Hoekenga <liamr at umich.edu>:
> I installed HEAD. We use a custom auth handler, and have hordeauth set to
> true in imp/servers.php
>
> We're entering the application through https://mail.example.edu/horde/,
> and now we're getting..
>
> "It cannot be verified that this request was really sent by you. It could
> be a potentially malicious request."
>
> How do we fix this? How do we provide required tokens to let us in, or
> how do we turn this off?
There aren't currently tokens on login - can you dig a bit into this?
The only way you should get a token error on that URL is if Horde
thinks you're logging out. It's be helpful to know the code path that
is triggering.
-chuck
More information about the imp
mailing list