User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040913 Firefox/0.10 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040913 Firefox/0.10 I am hitting a protected page on a Windows 2003 box running IIS. The server responds with 401 auth required, with WWW-Negotiate headers indicating a willingness to do Negotiate, NTLM, and basic auth. Browser prompts for user/password. Supply a bad password, or an account that doesn't exist, or an account that is locked. Browser sends the NTLM Neg request. Server sends back the NTLM challenge. Browser sends the NTLM Auth request. Server sends back Auth-required as before. So far so good, but then the browser (without prompting for another user/password) initiates the authentication dance all over again with the same credentails, stubbornly flooding the network with the same authentication sequence. Although reported on the Windows browser, the Linux browser has the same problem: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20040914 Firefox/0.10 I am not using any password management, and have Ethereal traces if anyone is interested. Reproducible: Always Steps to Reproduce:
Auth --> Darin
Assignee: dveditz → darin
Component: Security: General → Networking: HTTP
I wonder if my patch for bug 256949 will help this problem. Rich: If you are willing to send me those ethereal traces I'd appreciate it, thx!
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Target Milestone: --- → mozilla1.8beta
A Mozilla HTTP log would be nice too. Instructions here: http://www.mozilla.org/projects/netlib/http/http-debugging.html Thanks!
Created attachment 159865 [details] Ethereal trace of the problem Darin, here's an Ethereal trace of the problem. - Rich
Rich: Thanks! Can you please supply the Mozilla HTTP log as well. See comment #3.
marking FIXED, now that my patch for bug 256949 went in on the trunk, 1.7 branch, and aviary-1.0 branch.
Status: ASSIGNED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → FIXED
*** Bug 259854 has been marked as a duplicate of this bug. ***
*** Bug 259344 has been marked as a duplicate of this bug. ***
*** Bug 265609 has been marked as a duplicate of this bug. ***
You need to log in before you can comment on or make changes to this bug.