User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030718 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030718 Using 'Basic Authentication' Server: Domino 5/6 With previous versions of Mozilla I could log on to the top level of a domain and browser all sub trees i.e. intranet/ intranet/courses intranet/resources etc without being prompted to enter my password again. With 1.5a I am now prompted for my password every time I move between branches and sub-branches. I can't find any new settings within Preferences to overrule this behaviour. The feature has been reproduced within Mozilla 1.5a on WinXP and OSX Reproducible: Always Steps to Reproduce: 1. 2. 3. Expected Results: Same as previously happened up to this version. Username / password valid within domain.
-> Networking:http Can you please attach a Http log ? http://www.mozilla.org/projects/netlib/http/http-debugging.html
Assignee: general → darin
Component: Browser-General → Networking: HTTP
QA Contact: general → httpqa
Created attachment 130223 [details] HTTP Log Requested HTTP Log attached as zip file. Thanks for the quick reply
Attachment #130223 - Attachment mime type: text/plain → application/zip
the multiple login prompts occur because the server is using multiple different auth realms. from the log file, i see 3 different realms used in fact: WWW-Authenticate: Basic realm="/" WWW-Authenticate: Basic realm="/ptl" WWW-Authenticate: Basic realm="/ptl/common" so, it is correct for mozilla to prompt the user 3 separate times for username and password for these 3 separate auth realms. marking INVALID
Status: UNCONFIRMED → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → INVALID
ok, nevermind! i spoke way too soon. it's not just the auth realms that matter; it is also the URL paths that matter. below i list out the directory portion of the URL corresponding to the resulting auth realm: path=/ -> realm=/ path=/ptl/AdminStaff6.nsf/ -> realm=/ptl path=/ptl/common/social.nsf/ -> realm=/ptl/common while it is true that if the auth realms had all been the same, mozilla would not have prompted you more than once, it is also true that mozilla should automatically send the credentials from path=/ to the other paths since they are within the same protection space (as defined in RFC 2617). this is definitely a regression in mozilla's HTTP implementation.
Severity: normal → major
Status: RESOLVED → UNCONFIRMED
Priority: -- → P2
Resolution: INVALID → ---
Target Milestone: --- → mozilla1.5beta
ok, so this is actually a duplicate of bug 213282, which i fixed shortly after 1.5a shipped... please pull a nightly build or wait for 1.5b which should be coming out shortly ;-) *** This bug has been marked as a duplicate of 213282 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago → 15 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.