Summary | Bad login message |
Queue | IMP |
Queue Version | Git master |
Type | Bug |
State | Resolved |
Priority | 2. Medium |
Owners | slusarz (at) horde (dot) org |
Requester | goncalo.queiros (at) portugalmail (dot) net |
Created | 09/01/2010 (5420 days ago) |
Due | |
Updated | 09/02/2010 (5419 days ago) |
Assigned | 09/02/2010 (5419 days ago) |
Resolved | 09/02/2010 (5419 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | 5 |
Patch | No |
State ⇒ Resolved
Version ⇒ Git master
Milestone ⇒ 5
Priority ⇒ 2. Medium
State ⇒ Assigned
Queue ⇒ IMP
Version ⇒
H3, which uses c-client. What I previously said is correct - dimp 1.x
uses c-client which has very limited login error handling.
#2- As for IMP 5.x - login error handling can be improved. However, we are still very limited by the possible error messages that can be
given. Per RFC 3501, the reason for authentication is not specified
(actually, it might be in the IMAP response, but odds are very high
that this explanation is either technical in nature and/or completely
in English).
Very recently (RFC 5530), additional response codes were defined that
potentially give better information on failure reasons. At this time,
adoption of these new response codes by IMAP servers is limited
(although I can verify that Dovecot 2.0.1 uses at least some of them).
So use information provided by these response codes, if given. If
not, we MUST default to an authentication failure message even though
it might be a server issue (see RFC 5530[3]).
As far as translations - no Exception messages are translated (since
1) they are not really designed to be passed to the end user and/or 2)
we still haven't determined how to handle gettext strings in framework
packages).
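The fallback rule described in the comment above, as an added example that is not part of the ticket or of Horde's code: classify the tagged reply to a login command by its RFC 5530 response code when one is present, and default to an authentication failure otherwise. The function name, reason names and sample responses are constructed for illustration; CONTACTADMIN text is surfaced like an ALERT, as the commit message for this request states.

```python
import re

# Login-relevant RFC 5530 response codes mapped to fixed reason names.
# The reason names are hypothetical, chosen for this example.
LOGIN_CODES = {
    "AUTHENTICATIONFAILED": "bad_login",
    "AUTHORIZATIONFAILED": "not_authorized",
    "EXPIRED": "credentials_expired",
    "PRIVACYREQUIRED": "encryption_required",
    "UNAVAILABLE": "server_unavailable",
    "CONTACTADMIN": "contact_admin",
}

# tag SP (OK|NO|BAD) [SP "[" code [SP args] "]"] [SP human-readable text]
TAGGED = re.compile(
    r"^(?P<tag>\S+) (?P<status>OK|NO|BAD)"
    r"(?: \[(?P<code>[A-Za-z0-9-]+)(?: [^\]]*)?\])?(?: (?P<text>.*))?$",
    re.IGNORECASE,
)

def classify_login_response(line, tag):
    """Return (reason, alert_text) for the tagged reply to a login command."""
    m = TAGGED.match(line.rstrip("\r\n"))
    if not m or m.group("tag") != tag:
        raise ValueError("not the tagged response for this command")
    if m.group("status").upper() == "OK":
        return ("ok", None)
    code = (m.group("code") or "").upper()
    # No code, or one we do not recognise: report an authentication failure.
    reason = LOGIN_CODES.get(code, "bad_login")
    # Server text is shown only for ALERT / CONTACTADMIN; otherwise it stays
    # out of the user-facing message (it may be technical or English-only).
    alert = m.group("text") if code in ("ALERT", "CONTACTADMIN") else None
    return (reason, alert)

if __name__ == "__main__":
    # Constructed sample responses, not captured from a real server.
    samples = [
        "a1 NO [AUTHENTICATIONFAILED] Authentication failed.",
        "a1 NO [UNAVAILABLE] Temporary authentication failure.",
        "a1 NO [CONTACTADMIN] Account locked, call the helpdesk",
        "a1 NO Login failed",
    ]
    for s in samples:
        print(s, "->", classify_login_response(s, "a1"))
```

Mapping codes to fixed reasons keeps translation in the application and keeps raw server text out of the login page except where the server explicitly asks for it to be shown.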
Request #9211: Improved login error reporting in IMP
http://git.horde.org/diff.php/imp/docs/CHANGES?rt=horde-git&r1=020fc3b127d30adae4310e4445c5eac895b75973&r2=2a3c7ea011d364b024424b124584a06238ea4310
http://git.horde.org/diff.php/imp/lib/Auth.php?rt=horde-git&r1=b0ee59fe2b830806015bb4a030a5106d29cb3993&r2=2a3c7ea011d364b024424b124584a06238ea4310
Request #9211: More thorough login exception error reporting.
Use RFC 5530 defined response codes, if possible.
Also, treat 'CONTACTADMIN' response code as an 'ALERT'.
http://git.horde.org/diff.php/framework/Imap_Client/lib/Horde/Imap/Client/Exception.php?rt=horde-git&r1=eb710536fde5483880c3e9c4ba38fa62df066bb4&r2=4d3bc03b9f4876a59c551843b350ac3b2e7b6d35
http://git.horde.org/diff.php/framework/Imap_Client/lib/Horde/Imap/Client/Socket.php?rt=horde-git&r1=8717bf1a8e8ab9fb3ebc609424f630d2c59177d0&r2=4d3bc03b9f4876a59c551843b350ac3b2e7b6d35
http://git.horde.org/diff.php/framework/Imap_Client/package.xml?rt=horde-git&r1=a88ee4ed970f2de8d3fce4280ff97d4de9b8a39f&r2=4d3bc03b9f4876a59c551843b350ac3b2e7b6d35
I can tell, it raises pretty correct errors when the user provides a
wrong username/password. Can't we give a more meaningful error message
to the user when using client_socket?
If this is not changed, then I guess that Horde_Auth::REASON_FAILED
and Horde_Auth::REASON_BADLOGIN will never be used on login.php, right?
Btw, there's a bunch of Exceptions being thrown without translation;
"IMAP server denied authentication." is one of them.
State ⇒ Not A Bug
Since c-client doesn't provide a reliable error reporting mechanism,
we have to play it safe and provide a generic bad login message.
State ⇒ Unconfirmed
Patch ⇒ No
Milestone ⇒
Queue ⇒ DIMP
Summary ⇒ Bad login message
Type ⇒ Bug
Priority ⇒ 1. Low
message like "login failed" or "bad username/password" I only get an
"IMAP server denied authentication." one. I found out that this is an
error being thrown if the IMAP login is not successful.
Don't know if this is the expected behavior, but looking at login.php I
think that it's Horde's intention to notify the user with a more
"friendly" message.