233989 - [pwd-mngr] password forgotten after logging out (http auth)

Status: RESOLVED DUPLICATE of bug 220022

(Toolkit :: Password Manager, defect)

Description

[Nitin (vfwlkr)]

Firefox/bird equivalent of bug 220022
Can reproduce both with firebird 0.7 and firefox 0.8

Steps to reproduce:
1. Go to any site that uses a http authentication prompt.
2. Login with username and password. Check the "remember my password" box
3. Go to Tools->Options->View Saved Passwords
= The password is shown as saved
4. Logout 
= The password is still shown as saved
5. attempt to login again
= http auth prompt is seen without username/password filled in
6. Cancel and go to Tools->Options->View saved passwords
The saved password has been lost!

If you omit step 4, restart firefox, and attempt to login, 
= http auth prompt is seen with username/password filled in

Comment 1

[Nitin (vfwlkr)]

Attachment: screenshot of http auth prompt

Adding screenshot of prompt, when attempting to log back in after logout
(username/password is not filled).

Comment 2

[Brian Ryner (not reading)]

How exactly does one log out of a site after authenticating with HTTP auth?  I
suspect this may be hitting the code in nsHttpChannel that intentionally removes
the password manager entry.  Darin, can you shed some light on this?

Comment 3

[Brian Ryner (not reading)]

Per discussion with darin, this is something that the http code does and not
specific to firefox's password manager.


*** This bug has been marked as a duplicate of 220022 ***

Comment 4

[Nitin (vfwlkr)]

v

Comment 5

[Nitin (vfwlkr)]

Reopening, as the bug 220022 is now for "Mozilla Application Suite".

Comment 6

[Nitin (vfwlkr)]

Attachment: Compressed http log for a logout

In Bug 220022, Darin Wrote:
> How do you "log out" of http auth? We've got bugs begging us to implement it.

> Can someone capture an http header log of such a session?
> http://www.mozilla.org/projects/netlib/http/http-debugging.html
> Before attaching the output to the bug look it over and replace your password

> with XXXXXXXXXXX (or be prepared to change it after everyone here sees it

Attaching compressed log.
Session description:
- set variables
- start firefox
- visit my website cpanel (replaced in the log with http://www.mysite.net:2082)


- Press enter to accept the stored password
- let the page load
- click on the logout button
- click on the link "click here to login again"
- re-prompted without password prefill
- press cancel
- close firefox

Comment 7

[William Eder]

I interested in this bug too. I use phpmyadmin with Basic Auth protection, and use lots of user. All project have different user and password for database  administration. In Mozilla Suite (1.7.x) have good idea for Basic Auth: there have an user switch window where can choose the user to login (which I want to use). But in Firefox allways loading the last typed username and password, and can't choose the previously stored username and password. 
The another 'bug' in Firefox, when I click "Logout" in phpmyadmin, my currently used username and password removed from my stored passwords and to login that user, I must be typed again if I want to use.

So in Mozilla Firefox the user switch window for authentication is great (like Mozilla 1.7.x). Or if somebody know a plugin for user switch...

The third problem, when I open a new Tab (or new Window), the session inherited, and I couldn't use the phpmyadmin with another user.

I suppose this bug is also similar to my problem: https://bugzilla.mozilla.org/show_bug.cgi?id=201620

Comment 8

[Nelson Bolyard (seldom reads bugmail)]

Consolidating all "password lost after logout" bugs to bug 220022

*** This bug has been marked as a duplicate of 220022 ***