diff --git a/plugins/sso/sso.php b/plugins/sso/sso.php
index f56607f2a30c15556a578e2f242b7703a0734d0f..5f7db68a0ac1afe48a4fe4d6604ee43af471840c 100644
--- a/plugins/sso/sso.php
+++ b/plugins/sso/sso.php
@@ -13,12 +13,13 @@ class sso extends rcube_plugin
 {
   private $redirect_query;
 
-  function init() 
+  function init()
   {
     $this->add_hook('startup', array($this, 'startup'));
     $this->add_hook('authenticate', array($this, 'authenticate'));
     $this->add_hook('login_after', array($this, 'login'));
     $this->add_hook('logout_after', array($this, 'logout'));
+    $this->add_hook('storage_connect', array($this, 'storage_connect'));
   }
 
   function startup($args)
@@ -29,14 +30,11 @@ class sso extends rcube_plugin
       use it to login.
     */
     if (!empty($_SERVER['SSO_USER']) && !empty($_SERVER['SSO_TICKET'])) {
-      $rcmail = rcmail::get_instance();
-      $rcmail->add_shutdown_function(array('sso', 'shutdown'));
-
       if (empty($_SESSION['user_id'])) {
         $args['action'] = 'login';
         $this->redirect_query = $_SERVER['QUERY_STRING'];
-      } else if (!empty($_SESSION['user_id']) && empty($_SESSION['password']) && !empty($_SERVER['SSO_TICKET'])) {
-        $_SESSION['password'] = $rcmail->encrypt($_SERVER['SSO_TICKET']);
+      } else {
+        $_SESSION['password'] = null;
       }
     }
 
@@ -47,9 +45,7 @@ class sso extends rcube_plugin
   {
     if (!empty($_SERVER['SSO_USER'])) {
       $args['user'] = $_SERVER['SSO_USER'];
-      if (!empty($_SERVER['SSO_TICKET'])) {
-        $args['pass'] = $_SERVER['SSO_TICKET'];
-      }
+      $args['pass'] = null;
     }
 
     $args['cookiecheck'] = false;
@@ -66,12 +62,6 @@ class sso extends rcube_plugin
     header("Location: " . $sso_logout_url, true, 307);
   }
 
-  function shutdown()
-  {
-    // No need to store the SSO ticket in the Roundcube session.
-    rcmail::get_instance()->session->remove('password');
-  }
-
   function login($args)
   {
     if ($this->redirect_query) {
@@ -80,4 +70,14 @@ class sso extends rcube_plugin
     }
     return $args;
   }
+
+  function storage_connect($args)
+  {
+    if (!empty($_SERVER['SSO_USER']) && !empty($_SERVER['SSO_TICKET'])) {
+      $args['user'] = $_SERVER['SSO_USER'];
+      $args['pass'] = $_SERVER['SSO_TICKET'];
+    }
+    return $args;
+  }
+
 }