Closed
Bug 282437
Opened 20 years ago
Closed 19 years ago
User prompted for token password even when device has own authentication hardware (e.g. biometrics)
Categories
(Core Graveyard :: Security: UI, enhancement)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 119500
People
(Reporter: nelson, Assigned: KaiE)
References
Details
Some PKCS11 devices have their own hardware for authenticating their users. These devices do not need (or want) the user to enter a password through mozilla UI. NSS provides a function by which mozilla can ask it "Does this device need a password dialog?" but mozilla apparently does not call it or use the result. Consequently, mozilla users get prompted for token passwords when they should not. The solution is to get mozilla's password callback function, PK11PasswordPrompt, (see http://lxr.mozilla.org/mozilla/source/security/manager/ssl/src/nsNSSCallbacks.cpp#134 to call PK11_ProtectedAuthenticationPath() and use its answer. Bug 110062 shows the history of this issue in NSS. RFE 229023 requested example code of how to use NSS's function PK11_ProtectedAuthenticationPath in a password callback function. In a nutshell, if PK11_ProtectedAuthenticationPath returns true, the password callback function should return a strdup'ed empty string without prompting the user for a password. Perhaps it would be OK for mozilla to display a dialog that says "authenticate to your token now, and then click OK". This would alert the user to the action he must take, and would not misdirect him to enter an unneeded password.
Comment 1•19 years ago
|
||
Nelson, isn't this a duplicate of bug 119500?
Reporter | ||
Comment 2•19 years ago
|
||
Yes, it's a dup. I searched for a PSM bug about this issue, prior to filing this bug, but didn't find it. Thanks for finding the dup. *** This bug has been marked as a duplicate of 119500 ***
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•