6.0.0-beta1
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
11/16/25
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#3696] Add authentication for remote calendars
*
Your Email Address
*
Spam protection
Enter the letters below:
. . __. __. ..___. |\ |(__ (__ | | | \|.__).__)\__| |
Comment
> OK - no problem. I wanted to obfuscate the value in the database > without hard-wiring any magic cookies in the code. However, I agree > it's not particularly secure, and we can make it a bit stronger by > separating the key from the encrypted value. > > > > As an (imperfect) alternative, I could add a configuration parameter > in the Horde setup for a global encryption key, optionally generating > a random value for a new Horde installation where no key exists. If > this makes sense, I can also declare a new setup configuration tab to > define shared encryption parameters (key, key strength, algorithm, > etc.). I can then plug these parameters into the Secret class. I > will also add some convenience methods for the Base64 string wrapper. > > > > I'll put together a fresh patch with these additional changes for > your review. I'm also open to other suggestions. Do yo think this > same approach would work to protect the IMP fetch mail credentials? > > > > Thanks, > > Tom > >
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers