User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4a) Gecko/20030328 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4a) Gecko/2003032804 When prompted for a Login/Password using the new NTLM Authentication, checking the "USE PASSWORD MANAGER TO SAVE THESE VALUES" does not work. It appears that the values are in the password manager, but closing Moz -- reopening -- and going back to the site for NTLM gives an EMPTY Login/Password prompt. Reproducible: Always Steps to Reproduce: 1. Go to website using NTLM Authentication 2. Enter valid Login/Password & CHECK BOX to save info in Password Manager (OK) 3. Close & Reopen Mozilla. 4. Go back to website that used NTLM Auth. Actual Results: You get a blank login/password prompt Expected Results: You should see a login/password prompt with your information ALREADY in them.
WORKAROUND: Clear pre-existing Basic Authtication from Password Manager ... Once the saved login/passwords are removed, it saves properly. There are only problems with sites that have pre-existing L/P from Basic Authentication still in password manager
ah, that would explain why i couldn't repro this bug. hmm... investigating...
Severity: normal → minor
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Target Milestone: --- → mozilla1.4beta
Summary: NTLM Authentication not stored in Password Manager (Basic Auth is) → Password Manager: NTLM does not replace basic auth entries
If we can't get this for 1.4, can we disable the saving for NTLM? How close is this? We want to do 1.4b sooner rather than later. Could a fix be safe enough for 1.4 final?
Keywords: nsbeta1 → nsbeta1-
If a simple patch comes along we'd consider it but we're not going to block on this. If we don't get a patch then this should be a release note.
Flags: blocking1.4? → blocking1.4-
I don't think we have any design for multiple forms of auth. Maybe a simple patch could add correctness to the dialog (like turning off the checkbox if basic auth is pre-existing?)
Andrew/Darin: is there a testcase to duplicate this bug? thanks!
Andrew Perry: Can you try to capture HTTP log for this bug and post the log as an attachment to this bug. You can find instructions how to capture the log at http://www.mozilla.org/projects/netlib/http/http-debugging.html. Also, is the website you are testing public? Thanks!!
Assignee: darin → suresh
Status: ASSIGNED → NEW
suresh: you said that password manager stores only hostname, username+password, and retrieves the credentials via hostname. Is the goal for 1.4f to add functionality or to hack out existing bad behavior?
This bug also happens with HTTP proxies that require NTLM authentication, and the workaround of clearing old info doesn't work. I went into Password Manager and removed the entry for the proxy. When I tried to access a web site, I put in my credentials and checked the box to save the info in Password Manager. Then everything works, until I completely exit Mozilla and relaunch it - then I have to reenter my name and password for the proxy the first time I go to a web site.
Whiteboard: [NTLM][ETA: June 12, 2003] → [NTLM][ETA: June 12, 2003][necko-backlog]
I strongly believe this works these days.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.