Closed Bug 248465 Opened 20 years ago Closed 9 years ago

multiple authentication to the same site doesn't work

Categories

(Core :: Networking, enhancement)

enhancement
Not set
normal

Tracking

()

RESOLVED WONTFIX

People

(Reporter: xerxas, Unassigned)

References

()

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040206 Firefox/0.8 The browser doesn't support two different authentication to the same site. Tested on windows and on linux , with mozilla browser 1.6 , firfox 0.8 and firefox 0.9 Reproducible: Always Steps to Reproduce: 1. login as user1 on a web site 2. open a new window or tab 3. login as user2 on the same site 4. Go back to the user1 window and Press refresh or any link Actual Results: You will be logged as user2 Expected Results: Mozilla should allow multiple authentication to the same site I think this is really a usefull feature: I can do logout, but in some web applications you sometime need to be as admin or as user both at the same time(e.g: Zope). Its boring to log in and out every minutes when you're doing administration or web application developpement.
*** This bug has been marked as a duplicate of 117222 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
(In reply to comment #1) > > *** This bug has been marked as a duplicate of 117222 *** This doeesn't seem to be a cookie issue: I've setup a test: http://xerxas.is-a-geek.net/bugzilla/test.php log in as bob/bob Then open a new tab on http://bill@xerxas.is-a-geek.net/bugzilla/test.php with password bill Then go back to the previous tab and do a refresh. Here is the content of my test.php: # cat test.php <?php echo $_SERVER['REMOTE_USER'] ?> I don't think this uses cookies, right ?
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
you gave orkut as example. that one does use cookies. I don't know what Zope uses. hmm, I can't find an existing bug on this. personally, I like it that mozilla caches the auth data. what you want effectively disables that caching.
Severity: normal → enhancement
(In reply to comment #3) > you gave orkut as example. that one does use cookies. I don't know what Zope uses. Zope doesn't cookies, but it's not really important , I said wrong things and I shouldn't talk about orkut. > personally, I like it that mozilla caches the auth data. what you want > effectively disables that caching. I also like that mozilla caches the auth data and I don't think that this feature should disable it. This feature should instead selectively cache the auth data whether you logged in several times or not. From a user point of view, I don't think the actual behaviour is the intended one. When I let some friends use my computer to see their orkut account they notice this as boring (This bug has nothing to do with orkut but the baheviour is typically the same). I also noticed this as ennoying when working on zope.
so when I load the page in the same window again, the cached auth data should be reused, but not when I laod a page in a different window? what if I follow a link to an auth-protected page in the same realm in a new window? surely that should send the auth data w/o asking?
(In reply to comment #5) > so when I load the page in the same window again, the cached auth data should be > reused, but not when I laod a page in a different window? > > what if I follow a link to an auth-protected page in the same realm in a new > window? surely that should send the auth data w/o asking? I don't know that this problem needs fixed, it is by design. But I thought I point out how IE deals with this problem. If you open a new instance of IE by pressing the IE icon again, then it does not share the auth cache. Actually it is a completely seperate IE process so no in memory information is shared at all. To my knowledge using multiple Mozilla processes at the same time with the same profile is currently not advised (Correct me if I'm wrong). But in a user's mind relaunching the app (as apposed to clicking Cntrl-N, or using the gui to create a new window) makes a clear distinction between the Moz instances.
> To my knowledge using multiple Mozilla processes at the same time with the > same profile is currently not advised (Correct me if I'm wrong). You are correct.
(In reply to comment #5) > so when I load the page in the same window again, the cached auth data should be > reused, but not when I laod a page in a different window? No , it should be used or overwritten: If I login as another user, on the same realm, cached auth data must be overwritten for this window, but not others. > > what if I follow a link to an auth-protected page in the same realm in a new > window? surely that should send the auth data w/o asking? Yep , and it will do it, only If I want to login as another user I must login again. Maybe windows should have an option that allows us to use the browser cached auth data, or create a new instance of auth data for this windows only, which herits from the global ones. How we should handle this is not really clear, but I think that what the users waits for is really clear: User want to transparently be able to login multiple times to the same site, within windows or tabs, without being asked for his password each time he opens a new tab on realms where he has already logged-in. No matter if he opens a new window, tab, or whatever. IE also handles this strangely and we don't need to stick to IE behaviour for this. Do you agree ? Do you think of another behaviour ?
I use firefox for my daily work with zope and have the same problem, so I can specify my requirements precisely. I would be deeply grateful for the following features: - the ability to store multiple login credentials per site - a change of the login dialog so that it has a dropdown list for the different login names. The last one used should be selected by default, so there is no significant difference to the current UI behaviour for users that don't need this feature. - the cached auth data should be used within the same site (or whatever was the mechanism up to now) when following links, regardless whether within the same tab/window or a new one. Otherwise the user should be asked for login and password, e.g. when opening a new tab/window and choosing the URL from the bookmarks or entering it manually.
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
This bug is still unconfirmed, we should change it to new or delete it. Anyway, I would really appreciate to have this feature.
-> reassign to default owner
Assignee: darin.moz → nobody
QA Contact: benc → networking
this is a niche use case that private browsing is usually used to manage..
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago9 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.