Closed
Bug 295238
Opened 19 years ago
Closed 7 years ago
When insert a bad password in a http-authentication and in the next authentication the correct password, after authentication the bad password is kept
Categories
(Core :: Networking, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 201620
People
(Reporter: lolc, Unassigned)
References
Details
(Keywords: helpwanted, Whiteboard: [necko-would-take])
Attachments
(1 file)
|
31.43 KB,
application/zip
|
Details |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 In a page that uses http-authentication, in the first time insert correct username and bad password. The prompt apears again, so insert the correct username and correct password, the login is done, but the first password is cached. The server application (PHP) that uses the password cached in apache authentication session return errors, because is the wrong one. Reproducible: Always Steps to Reproduce: 1.In a page that uses http-authentication, in the first time insert correct username and bad password. 2.In the second prompt, insert the correct username and the correct password. Actual Results: Although to type the correct password and the successfully login after the second time, the first password is cached, then the server application that uses the password return errors. Expected Results: Firefox need to clear the apache authentication session and send the correct username and password.
|
||
Updated•19 years ago
|
Assignee: nobody → darin
Component: General → Networking: HTTP
Product: Firefox → Core
QA Contact: general → networking.http
Summary: When insert a bad password in a http-authetication and in the next authentication the correct password, after authentication the bad password is kept → When insert a bad password in a http-authetication and in the next authentication the correct password, after authentication the bad password is kept
Version: unspecified → 1.7 Branch
|
||
Updated•19 years ago
|
Keywords: helpwanted
|
||
Comment 1•19 years ago
|
||
Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b2) Gecko/20050517 Firefox/1.0+ I use http auth all the time, and I have never seen this. Do you have some form of log or network trace showing the wrong data being sent?
|
Reporter | |
Comment 2•19 years ago
|
||
I use http auth with PHP, in all pages, after login, the web application verify user (PHP_AUTH_USER) and password (PHP_AUTH_PW), if I insert a bad password in the first auth, and the correct one in the second auth, after login I get errors when I try to access the internal pages (incorrect password). With IE, Mozilla or Netscape I do not have the errors that I have with Firefox, so it coud be a problem with Firefox. If you want, I will send you a login and password to my system to you see the error by yourself, just reply this comment. Regards, Luis Otavio. (In reply to comment #1) > Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b2) Gecko/20050517 > Firefox/1.0+ > > I use http auth all the time, and I have never seen this. Do you have some > form of log or network trace showing the wrong data being sent?
|
|
||
Comment 3•19 years ago
|
||
(In reply to comment #2) > ... . With IE, Mozilla or Netscape I do not have the errors that I have > with Firefox, so it coud be a problem with Firefox. By all means post a test username and password here. I would recommend that you check with ethereal what is happening over your network and/or create an http log http://www.mozilla.org/projects/netlib/http/http-debugging.html See Bug 292262 "Multiple passwords in HTTP basic authentication will not be transmitted correctly"
|
|
Reporter | |
Comment 4•19 years ago
|
||
(In reply to comment #3) > See Bug 292262 "Multiple passwords in HTTP basic authentication will not be > transmitted correctly" This is the same error! I believe that is a Bug, how can I proceed now?
|
|
||
Comment 5•19 years ago
|
||
Yes. You could mark your Bug as a duplicate (There may be one or two others as well). I am with Bug 292262 comment 1 . What is probably needed is more information: A log and/or network trace of the problem. What versions are affected? Is this a regression? Can the defect be readily reproduced?
|
|
Reporter | |
Comment 6•19 years ago
|
||
I did the test suggested in the last comment that generated this log.
Summary: When insert a bad password in a http-authetication and in the next authentication the correct password, after authentication the bad password is kept → When insert a bad password in a http-authentication and in the next authentication the correct password, after authentication the bad password is kept
|
|
||
Comment 7•18 years ago
|
||
-> default owner
Assignee: darin → nobody
Component: Networking: HTTP → Networking
QA Contact: networking.http → networking
Version: 1.7 Branch → Trunk
This is 3 years later, but I've encountered what I think is the exact same problem in FF 3.5: After incorrectly entering a password--and clicking the "Remember" tab that pops up--I was unable to log in even after correctly typing the password manually. I had to restart the browser and log in again manually to ensure that the browser was not reverting to the first-entered (and incorrect) password. Some kinda password cache issue??
|
||
Updated•8 years ago
|
Whiteboard: [necko-would-take]
|
||
Comment 9•7 years ago
|
||
This is same as bug 201620, and was actually fixed by bug 137852.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•