| Author |
|
youriv
Groupie
Joined: 20 November 2013
Location: United Kingdom
Online Status: Offline
Posts: 40
|
| Posted: 18 February 2014 at 12:53am | IP Logged
|
|
|
We use Webmail pro. The email stays logged in even after closing the browser and re-opening again. I find this quite unsafe. Is Webmail supposed to do this?
Why is the session still logged in after closing a browser and what can we do to fix this please?
Thanks,
Youri
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 18 February 2014 at 2:09am | IP Logged
|
|
|
This behavior depends on whether you check "Remember me" option on login screen. If you do, then you will be logged into the same account upon reopening webmail client. That's the default behavior, and if you don't want it, you can untick the checkbox before logging in. Also, you can reconfigure your installation to change those defaults, see this documentation page.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
youriv
Groupie
Joined: 20 November 2013
Location: United Kingdom
Online Status: Offline
Posts: 40
|
| Posted: 18 February 2014 at 2:02pm | IP Logged
|
|
|
Hi Igor,
I have done that, Remember Me box is not checked when I login. Webmail STILL stays in logged. What is going on?
|
| Back to Top |
|
| |
youriv
Groupie
Joined: 20 November 2013
Location: United Kingdom
Online Status: Offline
Posts: 40
|
| Posted: 18 February 2014 at 2:11pm | IP Logged
|
|
|
This is only happening in Google Chrome by the way. So it seems to be specific to Google Chrome only.
Would there be a way to fix this?
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 19 February 2014 at 3:05am | IP Logged
|
|
|
According to the developers, that behavior is specific to Google Chrome indeed, it basically discards the session configuration we enforce. To work around that, open chrome://flags page and try turning #disable-restore-session-state option on.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
youriv
Groupie
Joined: 20 November 2013
Location: United Kingdom
Online Status: Offline
Posts: 40
|
| Posted: 20 February 2014 at 12:16pm | IP Logged
|
|
|
Thanks for that. I just restarted my computer which was completely turned off since yesterday. And Webmail was automatically logged in when I visited the URL!!!
This is a serious security problem and needs looking into surely?? Why is there no timeout??
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 20 February 2014 at 11:05pm | IP Logged
|
|
|
Did you activate the setting I mentioned in my previous message? If Chrome is configured to restore session state, which seems to be default configuration now - there's nothing really we can do about that, adding timeout is not going to help.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
youriv
Groupie
Joined: 20 November 2013
Location: United Kingdom
Online Status: Offline
Posts: 40
|
| Posted: 21 February 2014 at 4:17am | IP Logged
|
|
|
Yes I did that.
Why don't you record the last activity by the user in the database, compare this to the current time and if the time difference is larger than lets say 10 minutes you will automatically be logged in. That would fix this.
Would that be possible?
This is Google at it's worst for sure!
|
| Back to Top |
|
| |
Igor
AfterLogic Support
Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
|
| Posted: 21 February 2014 at 4:32am | IP Logged
|
|
|
I've forwarded your suggestions to the developers.
Actually, since WebMail Lite is open-source software, you can modify the product to make it meet your requirements. Also, you can submit patches and improvements via GitHub.
--
Regards,
Igor, AfterLogic Support
|
| Back to Top |
|
| |
youriv
Groupie
Joined: 20 November 2013
Location: United Kingdom
Online Status: Offline
Posts: 40
|
| Posted: 21 February 2014 at 10:39am | IP Logged
|
|
|
Thank you Igor, I am using the paid version.
|
| Back to Top |
|
| |
MailBee.NET Objects 
MailBee.NET Queue 
MailBee Objects 
WebMail Pro PHP 
AfterLogic Aurora 
MailSuite Pro for Linux 
Unified Messaging Solution 
Search
Register
Login
Topic: Logging out
Privacy policy |
Refund policy