Is there a "proper" way for Roundcube plugins to be accessing/writing to session data? I was assuming that $_SESSION would be okay, but it seems that if you are putting data in $_SESSION before the authenticate hook it will be killed by $RCMAIL->kill_session(); on line 76 of index.php.
Having debugged it through xdebug, it seems as if the session data is being killed by rc. Here is what I am seeing: - library is called from plugin "startup" hook. This forces an unauth'd session to redirect to url of login service to establish authentication credentials - once auth'd it redirects back to the Roundcube url with $_SESSION['phpCAS'] set - again plugin "startup" hook is called, but $_SESSION['phpCAS'] exists so session is authenticated so startup hook sets $startup['action'] = 'login' - index.php evaluates ($RCMAIL->action=='login' && $RCMAIL->task=='mail') to true and executes $RCMAIL->kill_session(); on line 76 of index.php - $_SESSION['phpCAS'] gets nuked Is there a way of saving and restoring phpCAS so that when authenticate hook is called it will exist in $_SESSION? _______________________________________________ List info: http://lists.roundcube.net/dev/
