Multiple login prompts within Intranet domain

VERIFIED DUPLICATE of bug 213282

Status

()

Core
Networking: HTTP
P2
major
VERIFIED DUPLICATE of bug 213282
15 years ago
15 years ago

People

(Reporter: Paul Hudson, Assigned: Darin Fisher)

Tracking

({regression})

Trunk
mozilla1.5beta
x86
Windows XP
regression
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

35.29 KB, application/zip
Details
(Reporter)

Description

15 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030718
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5a) Gecko/20030718

Using 'Basic Authentication'
Server: Domino 5/6

With previous versions of Mozilla I could log on to the top level of a domain
and browser all sub trees

i.e. 
intranet/
intranet/courses
intranet/resources 

etc

without being prompted to enter my password again.

With 1.5a I am now prompted for my password every time I move between branches
and sub-branches. I can't find any new settings within Preferences to overrule
this behaviour.

The feature has been reproduced within Mozilla 1.5a on WinXP and OSX

Reproducible: Always

Steps to Reproduce:
1.
2.
3.



Expected Results:  
Same as previously happened up to this version. Username / password valid within
domain.
-> Networking:http

Can you please attach a Http log ?
http://www.mozilla.org/projects/netlib/http/http-debugging.html
Assignee: general → darin
Component: Browser-General → Networking: HTTP
QA Contact: general → httpqa
(Reporter)

Comment 2

15 years ago
Created attachment 130223 [details]
HTTP Log

Requested HTTP Log attached as zip file. Thanks for the quick reply
Attachment #130223 - Attachment mime type: text/plain → application/zip
(Assignee)

Comment 3

15 years ago
the multiple login prompts occur because the server is using multiple different
auth realms.  from the log file, i see 3 different realms used in fact:

 WWW-Authenticate: Basic realm="/"
 WWW-Authenticate: Basic realm="/ptl"
 WWW-Authenticate: Basic realm="/ptl/common"

so, it is correct for mozilla to prompt the user 3 separate times for username
and password for these 3 separate auth realms.

marking INVALID
Status: UNCONFIRMED → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → INVALID
(Assignee)

Comment 4

15 years ago
ok, nevermind!  i spoke way too soon.  it's not just the auth realms that
matter; it is also the URL paths that matter.  below i list out the directory
portion of the URL corresponding to the resulting auth realm:
 
  path=/                       -> realm=/
  path=/ptl/AdminStaff6.nsf/   -> realm=/ptl
  path=/ptl/common/social.nsf/ -> realm=/ptl/common

while it is true that if the auth realms had all been the same, mozilla would
not have prompted you more than once, it is also true that mozilla should
automatically send the credentials from path=/ to the other paths since they are
within the same protection space (as defined in RFC 2617).  this is definitely a
regression in mozilla's HTTP implementation.
Severity: normal → major
Status: RESOLVED → UNCONFIRMED
Keywords: regression
Priority: -- → P2
Resolution: INVALID → ---
Target Milestone: --- → mozilla1.5beta
Status: UNCONFIRMED → NEW
Ever confirmed: true
(Assignee)

Comment 5

15 years ago
ok, so this is actually a duplicate of bug 213282, which i fixed shortly after
1.5a shipped... please pull a nightly build or wait for 1.5b which should be
coming out shortly ;-)

*** This bug has been marked as a duplicate of 213282 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago15 years ago
Resolution: --- → DUPLICATE
verified dupe
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.