After configuring roundcube-0.3.1 I have found that having suhosin.session.encrypt = On results in an automatic logout. From what I can guess, it seems that roundcube bypasses the php session management when checking if your an authenticated user and checks the db directly rather than the session variable. As this entry in the DB will be encrypted it logs you out! Reproducible: Always Steps to Reproduce: 1. emerge and configure roundcube-0.3.1 2. set the suhosin.session.encrypt in /etc/php/apache2-php5/ext-active/suhosin.ini 3. try and login to roundcube, after 2 seconds you'll be logged out.
Created attachment 209980 [details] htaccess file It could also be solved by including the .htaccess file from roundcube-0.3.1, which locallay sets suhosin.session.encrypt = Off.
(In reply to comment #1) Thanks for this, its worked... However, I'm unable to find reference to it in the roundcube-0.3.1.ebuild. Was this a gentoo addition that's gone missing or is this something that upstream have removed?
Perhaps the ebuild should be modified with the following: ... doins -r [[:lower:]]* SQL ... To: ... doins -r [[:lower:]]* SQL doins .htaccess ... so also the .htaccess file is installed.
Fixed in the latest revision bump.