Closed Bug 36816 Opened 24 years ago Closed 21 years ago

news should use the server's username / password when authenticating

Categories

(MailNews Core :: Backend, defect, P3)

Product:
MailNews Core
Component:
Backend
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
Future

People

(Reporter: sspitzer, Assigned: johannesteichmann)

References

(Blocks 1 open bug,
URL
)

Details

Attachments

(1 file, 2 obsolete files)

overhauled patch for singleSignon pref
3.83 KB, patch
Bienvenu
: review+
mscott
: superreview+
asa
: approval1.5-
Details | Diff | Splinter Review 
some news servers are set up to have the same username / password for the entire 
server.

currently, we store these per group, so if you read news on three groups, you'd 
have to enter the same user/pass three times.

we should do this:
if remember password is turned on, store the user/pass with the server, and when 
attempting to authenticate, use the server's username and password first.

i'm thinking we might even want to add the username / password fields back into 
the account wizard and making sure there the appropriate username / password ui 
elements in the account manager for a news server.
I'd say the wizard should not - the wizard is designed to cover the 
majority of users, which does not include those who use a username/password 
combination on thier news server.
QA Contact: lchiang → huang
marking m17.
Status: NEW → ASSIGNED
Target Milestone: --- → M17
moving to future milestone.
Target Milestone: M17 → Future
mass change of huang's news bugs to stephend.
QA Contact: huang → stephend
I was going to report this as a bug for 0.8, but I found this bug. Most (all?)
commercial Newsservers use one password for all groups. Using Netscape 4.x to
access Newsguy's newsserver is much simpler than Mozilla, as I only need to
enter my password once.  Since Deja went into a coma, that's a lot of groups I have
to access through Newsguy.
See also bug #85639 - there I ask to make it a preference to use per-server or
per-group authentication with per-server being a default.

About authentication info in wizard - I believe that wizard should ask what kind
of authentication should be used for a particular server, and then password
manager will ask for auth info the first time user logs in. See also bug #39862
that asks (among other things) to put back into wizard and preferences the
"always authenticate/authenticate on request" option.
Keywords: 4xp, mozilla1.0
OS: Windows NT → All
Hardware: PC → All
Keywords: nsbeta1nsbeta1-
Is there any point in denying users the ability to surf from group to group? 
The amount of newsgroups is so large that I find this "missing feature" really 
clumbersome, it might also be a source to the many "wait" - problems of mozilla.

When looking for the solution to a problem, you do NOT want to use the 
newsreader that demands a separate username and password for each single 
newsgroup you searh on!!!
This "missing feature is reported as bug 78356, from a slightly different angle.
Keywords: mozilla1.1
Summary: news use the server's username / password when authenticating → news should use the server's username / password when authenticating
this stupid bug is **** me off!

I read 10 NG on news.easynews.com and I have to enter user/pass everytime I read
new group. The Pword manager don't remember any password/username either.  
*** Bug 98029 has been marked as a duplicate of this bug. ***
I've just been trying to access a news server which requires "global"
authentication, that is, you need to use a username/password before even having
the option of viewing the hosted groups. But I can't really find anywhere to
enter these information. I've tried to browse around on bugzilla, but this was
the closest I could come. Is there anyway of getting this to work, or is it
something that is expected in future releases? (if yes, when?)
Thomas - what you want is called 'Pushed Authentication' and is possible, just
no UI for it - see bug 39862 for instructions on enabling it, and bug 94439 for
the bug to implement the visual interface.
*** Bug 151528 has been marked as a duplicate of this bug. ***
*** Bug 168042 has been marked as a duplicate of this bug. ***
Here is some more bizarreness to add to this bug:

Say I have two groups on the same server, a and b.

I have entered and saved password information for a, but not b.

If I read some articles in a, then immediately read some in b, it works!  No
password needed.

If I haven't read any articles in a for a while, I have to enter a password for
b (known).

  So what it looks like, is that the "connecting" part of mozilla sees news
servers as one-password-per-group, while the "connected" part of mozilla sees
news servers as one-password-per-server.  Specificially, if you already have a
connection to one group (a), and you want to access articles in another group
(b), it reuses the connection as if you were already authenticated with b.
  That is the way it appears to the user anyway.  I am guessing that it actually
just looks up the password for the group being accessed whenever it is prompted
for the password by the server.
The reason this bug causes me so many problems is my news service, giganews via
speakeasy.net, has just changed their news service setup on DSL from IP address
authorization to username/password authorization. This results in me having to
type in a 30 character username and a 12 character password each time the
newsserver makes a "auth" request when I am on a specific news group. Since I am
subscribed to 20 odd news groups this can get _extremely_ annoying. This problem
is also getting a lot of attention on the mozilla.org mail list at
mozilla-mail-news "Sh*tty Netscale/Mozilla Newsreader. Do those six or seven
entries qualify as "votes" for this bug?
The reason for variation in the number of incidents of password requests seems
to be the particular newsservers policy on when to issue a "authorization
request. My giganews/speakeasy connection seems to be very happy to issue a
_LOT_ of "auth" requests!!!
 
*** Bug 174487 has been marked as a duplicate of this bug. ***
I'd just like to add my request that this bug, enhancement or whatever be
addressed as well.  I use qwest as my news server and they only have a single
user/pass for the entire group, but having to re-enter for each group is
frustrating.
*** Bug 184892 has been marked as a duplicate of this bug. ***
The various other comments show that my remarks in 184892 are typical of those
who browse newsgroups and find the clumsy username/password handling of Mozilla
to be a substantial usability gripe. I've used my ISP's news server as well as a
commercial one, and both ask for username and password, same as for email
access. There is absolutely no reason why Mozilla shouldn't be as smart as
Netscape 4.x about accessing news servers.
How hard can it be to fix this, along with 34507 and 96896? These all make
browsing authenticated news servers really painful.

Michael, that's a good question. Note that this authentication question
originated in April 2000. I wish I had the tools and knowledge to build Mozilla
myself. Username and password could be in password manager, in prefs.js, or some
other place that holds global data. I've never heard of a news server that
required a user to give a DIFFERENT username and password for each group, but if
each access to a group requires presenting info, Mozilla should present the
default info for that server. If a group needs custom info, giving the default
will produce an error message and dialog boxes for the user to enter the correct
info, no problemo. That would result in far fewer access hassles than the
present coding demands.
The following is related to my observations and post in bug 96896 in the hopes 
that it may help clarify the issue.

Think this is an issue of password manager storing duplicate entries for the 
server (for sending responses, showing groups, subscribing) and entries for each 
group (on the assumption that all (id/passwords will be the same for all 
groups?)

The section id/passwords are obtained from the user interface, but the server 
entries appear to be generated automatically on posting a response.

Per my observations with the passwords, I went back and took the following steps 
and observations.

The following is for a news server that requires a different id/password for 
each section


Unsubscribed from all existing sections

Removed all stored passwords associated with removed sections

Subscribed to first section

Logged on and gave userid and password and checked save password

Password manager showed two entries (id/password) for the section, not the 
server

Read Messages

Responded to Messages

Checked password manager and no change (two entries for section)

Subscribed to second section

Logged on and saved passwords

Password manager showed two additional entries for the new section

Posted a message

Password manager now showed two additional entries FOR THE SERVER in addition to 
the four previous entries.

Access Denials and manual logon prompts begin here and make access to this 
specific server impractical
Keywords: mozilla1.0, mozilla1.1
*** Bug 78356 has been marked as a duplicate of this bug. ***
*** Bug 96896 has been marked as a duplicate of this bug. ***
*** Bug 46118 has been marked as a duplicate of this bug. ***
As I mentioned in bug 96896, comment 30, this now seems to work using
FizzillaMach/2003021017.
*** Bug 163729 has been marked as a duplicate of this bug. ***
*** Bug 192155 has been marked as a duplicate of this bug. ***
Hopefully this bug will get some attention soon. It's annoying to say the least,
and Netscape could do with this feature working in the proper way.
Please disregard my comment 28. I was mistaken. This is still broken in 1.3b.
*** Bug 191616 has been marked as a duplicate of this bug. ***
*** Bug 194377 has been marked as a duplicate of this bug. ***
Here's a bit of strange info concerning this bug.I set up two of the newsgroups
on the server that requires a log in name and password for offline use.When I
went offline I was prompted for the login and password and did the usual *save*
in Mozilla and it *Worked*.The info is in my password file "********.s" under
two entries since I am prompted by two separate screenes for login and
password.I have not been prompted for a login the last 25 times connecting to
the server on any of the 12 groups.
Hey! you guys figure it out.This could hopefully work for everyone else til the
real problem is fixed.This not only fixed this problem but also the problem of
not storing the login and password at all for me since I have never been able to
store info for my news server.
This has increased in importance over time as an increasing number of ISP news
servers trigger the bug.
Flags: blocking1.4a?
*** Bug 195358 has been marked as a duplicate of this bug. ***
This bug should be fixed, I am forced to use IE's newsreader which works fine
with any newsgroup connected to.
*** Bug 198157 has been marked as a duplicate of this bug. ***
Flags: blocking1.4a? → blocking1.4a-
Blocks: majorbugs
*** Bug 197661 has been marked as a duplicate of this bug. ***
The bug is still not fixed. Why is it targeted to a future Milestone Build?
It can't be that difficult to make Newsreader authentication behave like
Mailreader authentication, could it? I would be very pleased to have to enter a
News Username in the Prefs and to get prompted _ONCE_ for a password to that
News-Server. (Just like Mail behaves)
But by now (Version 1.4b) this Bug still is there to annoy me. I have to enter
both Username/Password when first accessing a News server _AND_ sporadically
after that, too. The former would still acceptable (while not nice) but the
latter is really bad. It too does lead to another bug: When prompted for U/Pw
while changing to the next unread message in the same thread, I sometimes
mistype my Password (can happen to anyone, I think) with bad consequences: The
Message that I was going to read isn't downloaded anymore. I get the Auth Error
Messagebox and have that Message displayed with no body. To recover it I tried
to tag the Msg as Unread or sync for Offline Use, but nothing helped. That
message is lost. Very annoing.
Please fix it in 1.4final. Thankyou..

This is an "in your face bug" for those who have to access news servers with
authentication. And it's over 3 years since it has been reported...
Username/password are server wide, not per-newsgroup. So, this bug could be
easily solved if the user defined the username/password in the newsgroup account
settings. This is the way other newsreaders work.
I have a partial workaround for this problem that _appears_ to be working for my 
case.

My case is a private newsgroup server that has a number of "general" sections 
that use the same "general" id/password and then a single "specific" section 
that relates to my work with a different id/password.

Since Mozilla does not allow a new account to use the same server, the user is 
condemmed to manually logging on to each section.

HOWEVER, it finally dawned that I could "trick" Mozilla by using the verbose 
server name for one account, and set up a second account using the news server's 
ip address.

So far so good... sorry that this will not address those that have more than two 
logons for the same news server.

Please post this information anywhere that it might help others with the same 
problem.

As a "newbie" would also appreciate knowing if this post gets seen by a human.

hmmmmmm... a new thought strikes.... perhaps a local "hosts" file with aliases 
that point to the same server to allow additional "accounts????"

Beverly Howard

*** Bug 207590 has been marked as a duplicate of this bug. ***
Please, could this bug get some attention from developpers ? I maintain the
French Mozilla/Netscape FAQ and I am just fed up receiving mail from users
asking why their username/password is not remembered for news...

Adding mail6 keyword.
Keywords: mail6
here is some more information
i was reading news: comp.lang.c
then changed to comp.lang.perl.misc, no password neded.
then i used the browser a for 5-10 minutes (did not enter any passwords during
that time) and then got back to news to read another posting in comp.lang.perl.misc.
now i am asked for the username and password (for the same group).
painful.

IMHO, this bug is from 2000-04, please higher the priority.
and yet some more

when i then returnd back to comp.lang.c it did not ask me for username and
password when reading previously unread messages. even thou i did not enter the
username and password comp.lang.perl.misc

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030529
*** Bug 208468 has been marked as a duplicate of this bug. ***
This bug is absolutely insanely annoying!4 (I am the person who submitted the
DUPE 2?????, it was a mistake)

I can explain a little to the people who wonder why it only asks sometimes. 
Whenever the server asks for authentication, Mozilla Mail responds by looking
for a username/password for that server and newsgroup and submitting it if
found, otherwise asking for one.  But once it is connected, it can retrieve
messages from other groups.  So basically whenever the connection times out, it
asks again if needed.  This often looks like it doesn't ask for some groups, but
if you enter a password when reading one group, it should never ask again when
reading in that group.  By the way, I think it only stays online for an extended
period of time when reading messages; if you repeatedly subscribe to several
newsgroups, it asks several times.
I can create an account, log in, and subscribe to a load of groups. I can read
all the groups, no problem.

The problem happens the second time I read newsgroups on that server. Mozilla
will ask me for a username/password for every single group. The questions are:

a) It worked once, why can't it work again?

b) Why does it need a separate password for every group. Surely it should just
assume that the password is the same for every group on the server. I seriously
doubt that *anybody* is running an news server with a different password for
each newsgroup.
*** Bug 201749 has been marked as a duplicate of this bug. ***
Blocks: 176238
Same problem here and it really IS annoying! If you wait until it finished
checking a group for new messages and THEN switch to another group, it doesn't
ask for password. But if you select another group while it's still checking one,
it opens a new connection and asks for username/password.
And I don't want my password manager to save n-times the same user/pwd-combo.
Users have been complaining about this TERRIBLY ANNOYING problem for THREE YEARS
now.  Can someone with some influence get this problem put into the "we are
going to fix this soon" queue??

Thanks!!!
*** Bug 212659 has been marked as a duplicate of this bug. ***
This bug is extremely annoying.  Is there a chance that this will ever be fixed?
 Even tin and slrn run circles around mozilla in this regard.
*** Bug 214090 has been marked as a duplicate of this bug. ***
Yes, this bug is absolutely outrageous. It's unfortunate that I don't really
know how to code in C++ or I'd dig into it right now and fix it. 3 years? Surely
there would be some sort of celebration with the fixer as the guest of honor if
this were resolved? I'll personally offer $40 US if you can fix it (and convince
the maintainers to accept the patch) within a week. Yes, I'm serious.
I would put another $40 on top of that.
*** Bug 217139 has been marked as a duplicate of this bug. ***
When in the world will this be fixed? Holy crapola?!?!?!?!?!?!?
As soon as one gets here and writes a patch.
If you think we're wasting our time by twiddling our thumbs, why don't you just
write the patch?
This bug dates back to the year 2000 *see the list for yourself*.

My judgement is that the Mozilla and Netscape folks are super guru programmers.  
Stopping development long enough to fix outstanding problems and get a stable 
and troublefree platform every year or so would not be as much fun as continuous 
feature development.  It is for this reason that a) Mozilla is probably the 
closest to a beautifully featured browser as exists and b) Why Mozilla will 
NEVER have a troublefree, stable platform.  I think this (b) is one of the  
major reasons why the majority of browser users have trickled away over the 
years.  Many people just want a browser that WORKS well and is troublefree.

Soo..  With the recent Netscape development shutdown, I would suggest that this 
feature will NEVER be fixed.
in response to comment 61:

"As soon as one gets here and writes a patch.
If you think we're wasting our time by twiddling our thumbs, why don't you just
write the patch?"

Personally, I feel that this is unrealistic because I tried doing this. Checking
out Mozilla source and getting it to compile is itself non-trivial - especially
for a Windows user. Learning the software well enough to make good changes is an
even bigger hurdle. This problem *seems* like it would be a simple problem to
fix for an already active contributor to the project. So I have to wonder why,
when there is an obvious call for this fix, that it is not being addressed. For
a non-committer, the cost/benefit ratio is really bad.

FYI I've stopped using Mozilla for reading news, and have started using the
excellent Windows client Xnews (http://xnews.newsguy.com/). Actaully, that
client is even better than Mozilla news client in many other ways, so I'm
removing my $40 offer on this bug. 

Of course, I still use Mozilla as my Linux browser. I am also using it as a mail
client, but am actively looking for an alternative (there are a couple of things
that don't work properly)
I wrote a patch against nsNewsFolder.cpp that solves the problem. I wrote it
for my own purposes only but as I constantly see people complaining about this
bug, I decided to upload it.

The patch makes "single signon" (i.e. one user/password combination for all
groups) the default behavior. To disable this for a certain news account, you
have to create a boolean pref "mail.server.server3.singleSignon" and set it to
"false". (server3 refers to the actual server key you want to change, check
about:config first!)
Your patch is very hard to read. Would you please provide a -w patch?
Attached patch singleSignon.patch2 (diff -w) (obsolete) — Splinter Review 
sorry, should be more readible now
Sorry, I meant "add -w", so a -uw patch. My fault, but -w was ok too to see what
you did.

And I like your patch. It seem to be the right thing to do. I'd suggest, you
should make a full blown patch with a mail.server.default.singleSignon pref a.s.o.
I don't know how widespread servers with login per group are, but vote for
adding also an UI for your pref.

        Attachment #130427 -
        Attachment is obsolete: true

        Attachment #130429 -
        Attachment is obsolete: true

    
  

        Attachment #130656 -
        Flags: review?

    
    

    
  
The patch should make it in 1.5 as it's one of the most annoying bugs.
Assignee: sspitzer → johannesteichmann
Status: ASSIGNED → NEW
Flags: blocking1.5?

    
  

        Attachment #130656 -
        Flags: review? → review?(sspitzer)

    
    

    
  
Why don't you change the code that looks up the password to always firstly check
if a password for the server is stored, and if that fails check for a group
password?

(You can get Mozilla to remember a per-server password by checking the [x]
always request authentification checkbox)

    
    

    
  
> Why don't you change the code that looks up the password to always firstly
> check if a password for the server is stored, and if that fails check for a
> group password?

This test would almost always evaluate to true  because a server password is
stored as soon as one opens the subscribe dialog and downloads the list of
newsgroups. So what you suggest basically is to always try to authenticate with
the server password and if it fails to try the group password, right?

You should check http://bugzilla.mozilla.org/showattachment.cgi?attach_id=52680,
a patch which attempts to do it this way, I believe.

Personally, I'd rather change the default authentication model to single signon
(because I assume it's the most common setup) but leave the current per group
authentication as is (for special server setups). 



    
    

    
  
Christian, when posting a news article Mozilla saves username and password in a
per-server (e.g. news://news.server.net:119/#username) way.
If we'd always try to read the per-server value first, we'd read this values.
This might produce login failures on a server with per-group passwords.

    
    

    
  
> If we'd always try to read the per-server value first, we'd read this values.
> This might produce login failures on a server with per-group passwords.

So... you discard that password and ask the user.

Problem solved!



PS: How many servers have different passwords for every group?
I'm betting it's a *lot* less than the other way round (same
password for every group).

    
    

    
  
>Christian, when posting a news article Mozilla saves username and password in a
>per-server (e.g. news://news.server.net:119/#username) way.

Well, that could surely be changed...

anyway, it was just a suggestion.
Flags: blocking1.5? → blocking1.5+

    
    

    
  
Is there such a thing as per-group authentication?  The only way I can this
being practical is for a server with only 2 or 3 newsgroups.  Any more than that
and there would be a tremendous number of usernames/passwords to keep track of.
 Since my knowledge of NNTP is limited, I'm not saying such a thing doesn't
exist but it does seem pretty incredible to me.  Does anyone have an example of
a NNTP server that requires a different username/password combo for different
groups?

    
    

    
  
sorry mureninka@yandex.ru, but drivers decide blocking or not.
Flags: blocking1.5+ → blocking1.5?

    
    

    
  
Gary, from the NNTP protocol per-group authentication is possible.
I think too, such a config is very unlikely to be used. But if it's used by only
one per thousand servers we nevertheless have to support it.

Yes, it would be nice to know a real existing system - at least for testing.

    
    

    
  
I've setup a corporate server with a per-group authentication once.

But although it is theoretically possible to require different
usernames/passwords from a user for different groups, I cannot imagine a
situation where such configuration would make any sense.

In my case, groups of users had access to subsets of all newsgroups.

There also was a group that had access to all newsgroups. That's it.

There was no single user that han one account for one group, and another account
for a different group. What use for that? I'd give him access to those 2 groups
with a single account.

Anyway, for your testing I've prepared such a server.

Hostname: office.altkom.com.pl

Usernames: moz1, moz2
Passwords: same as usernames

moz1 has access to the newsgroup moz1.test, moz2 has access to the newsgroup
moz2.test.

The server may be a bit unstable, as it has a faulty motherboard.

    
    

    
  
Great, thanks so far Aleksander!

    
    

    
  
BTW, there might be problems with authentication on that server in the last 2
hours, but I've sorted them out.

Just in case you want to setup a similar server:

The server runs INN 2.4.0.

The related config directives:

=====================
in file readers.conf:

auth "all" {
    hosts: "*"
    auth: "ckpasswd -f /usr/local/news/etc/auth/db.txt"
    default-domain: "pub.office.altkom.com.pl"
}
access "moz1" {
    users: "moz1*"
    newsgroups: "moz1.*"
    access: "RP"
}
access "moz2" {
    users: "moz2*"
    newsgroups: "moz2.*"
    access: "RP"
}

=====================
in file db.txt:

moz1:99nm4pMRZH.iE
moz2:za1IObTIyyd5k


=====================
db.txt was generated by the following Perl script:

#!/usr/bin/perl
use Fcntl;
$| = 1;

while (<STDIN>) {
    my $user;
    my $passwd;
    ($user,$passwd) = split(/:/, $_);
    chomp $user;
    chomp $passwd;
    my @alphabet = ('.', '/', 0..9, 'A'..'Z', 'a'..'z');
    my $salt = join '', @alphabet[rand 64, rand 64];
    print "$user:".crypt ($passwd, $salt)."\n";
    #$db{$user} = crypt ($passwd, $salt);

}


to which this file has been fed through STDIN:

moz1:moz1
moz2:moz2


    
    

    
  
Just an FYI:  For a real-world implementation of per-group authentication, you
need look no further than Microsoft's betanews NNTP server.  This houses the
discussion lists for all their beta products, and a user is given access to only
the groups for the products he is currently beta-testing.
Nice work, Aleksander!

    
    

    
  
Thanks Kevin. Do you know how this is organized?
If someone is testing three products, does he have access to all three groups
with his one login. Or does he get three username/password combinations - one
for each group?

    
    

    
  
AFAIK, the same username/password for the groups to which one has access. 
Mozilla sees them as different, and asks for the user/pw combo for each group. 
I suppose it is possible to have one user/pw for a set of groups (say, all the
office-related ones) and then another for a completely different group (say, a
windowsXP beta).  But I think nowadays, users have one "BetaID" that's used to
access any groups to which they should have access.  It is definitely possible
to have multiple of these (you have one for a personal sign-up of Office, and
one trhgouh work for an affiliation with, say, SQL development and testing) but
those scenarios are pretty rare, I'd say.

    
    

    
  
Hm, I understand.
The current question is, if we shouldn't change over to per-server
authentication only. So one login per server and that's it.
That would make things lot easier and smoother for the vast majority. The
question is, what this would mean for the users of this "pretty rare" servers -
if any.
That's what we're about to find out.

    
    

    
  
"That would make things lot easier and smoother for the vast majority."

Precisely.

I imagine that this "feature" has annoyed almost *everybody* who
has ever used Mozilla to read news. That's a lot of people!

We're annoying 99.99% of users just so that the other 0.01% 
don't have to spend an extra two minutes setting up an extra
account. Not good business practice. It would be better to 
totally shut out those 0.01% than to continue with the way 
things are at the moment. 

The only example of a per-group server mentioned here has been 
at Microsoft, and how many Microsoft-newsgroup-readers will 
be using Mozilla?



    
    

    
  
> The question is, what this would mean for the users of this
> "pretty rare" servers - if any.
> That's what we're about to find out.

For those users, it means they would simply add another account for the same
news server, but different username.

That's how you do this with mail accounts, so I don't understand why news
servers would have to be handled differently.

I vote for switching to per-server authentication.

    
    

    
  
> That's how you do this with mail accounts, so I don't understand why news
> servers would have to be handled differently.

If the behaviour I asked for is not wide spread or better nearly unused you're
right. I never heard of such a server or a client supporting this yet. But that
doesn't mean it's not used.

If there's only a fistful of these servers, we could expect them to emulate the
old behaviour like you wrote, of course.

    
    

    
  
comment #86:
> For those users, it means they would simply add another account for
> the same news server, but different username.

IIRC it's not possible to add more than one account for the same news server,
but I might be wrong

    
    

    
  
It's likely that a news server takes only one username per user. If the
newsreader is set up to use only one password per server and tries to access a
per-group newsserver, the password for the group will probably be wrong and
cause mozilla to show the box for entering the password manually. I assume
mozilla still does that. 

How about if mozilla assigns the default per-server password to each newsgroup
and only changes it if the group is one of those rare ducks that takes a
per-group password?

    
    

    
  
Additional thought on that---if the user changes the server password, mozilla
would at some point have to change all the group passwords set to the server
password value.

    
    

    
  
"Additional thought on that---if the user changes the server password, mozilla
would at some point have to change all the group passwords set to the server
password value."

And the way things are at the moment you'd have to type in a new
password for every single group you subscribe to.



    
    

    
  
Don't I know it! I'm subscribed to over a hundred groups that I might someday
take a look at. I've done the "enter password" thing a number of times. There
are other problems with current Mozilla affecting users subscribed to a large
number of groups besides the password problem. The problems are more apparent
when many groups are subscribed to, and when one has a dialup connection and the
program wants to waste time downloading header info for groups not of current
interest. I requested an enhancement under another bug number.


    
    

    
  
I'm still waiting for Seth's statement on this:

Personally, I've come to the conclusion that the best way would be to 
drop the current per-newsgroup authentication. First, because no such 
setups are known in the wild (*) and second, it would also simplify the 
code in nsNNTPProtocol.cpp and nsNewsFolder.cpp pretty much.

I'd use nsMsgIncomingServer::GetPasswordWithUI to fetch the password. 
The username should be set in the account settings dialog as it is the 
case with mail accounts. A single entry in the password manager would be 
created for each newsserver and the usernames / passwords be stored in 
the appropriate fields. Pushed Authentication would work as it does today.

(*) I tried hard to think of an example where different logins per group 
would make sense, but to no avail. I believe newsservers allow to grant 
clients different access rights based on the name of an authenticated 
user. There's absolutely no need to give users different identities. 
The server as the single authority involved is able to decide who is 
allowed to do what. We don't even need different passwords for special groups.

In addition to this, I'm not aware of any newsreader nor server that supports
this at the moment.

    
    

    
  
Not going to block 1.5 for this bug but we would consider approving a fully
reviewed and tested patch. 
Flags: blocking1.5? → blocking1.5-

    
  
Flags: blocking1.4.1?

    
    

    
  
Comment on attachment 130656 [details] [diff] [review]
overhauled patch for singleSignon pref

Seeing as news.mozdev.org now requires authentication I'd like to see this
addressed too.

        Attachment #130656 -
        Flags: superreview?(scott)

        Attachment #130656 -
        Flags: review?(sspitzer)

        Attachment #130656 -
        Flags: review?(bienvenu)

    
    

    
  
Comment on attachment 130656 [details] [diff] [review]
overhauled patch for singleSignon pref

looks like the spacing is off in the change in nsINntpIncomingServer.idl
relative to the declarations above and below singleSignon.

        Attachment #130656 -
        Flags: superreview?(scott) → superreview+

    
    

    
  
Comment on attachment 130656 [details] [diff] [review]
overhauled patch for singleSignon pref

looks like the spacing is off in the change in nsINntpIncomingServer.idl
relative to the declarations above and below singleSignon.

    
    

    
  
Comment on attachment 130656 [details] [diff] [review]
overhauled patch for singleSignon pref

looks OK to me - we can always add a UI if we discover servers that support
per-group passwords  (though I think the Netscape news server did)

        Attachment #130656 -
        Flags: review?(bienvenu) → review+

    
    

    
  
Fix checked in (modulo minor bitrot and fixed indent).
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED

    
  

        Attachment #130656 -
        Flags: approval1.5?

    
    

    
  
>------- Additional Comment #98 From David Bienvenu  2003-09-15 09:55 -------

>(From update of attachment 130656 [details] [diff] [review])
>looks OK to me - we can always add a UI if we discover servers that support
>per-group passwords  (though I think the Netscape news server did)

David, yeah - I remember a newsgroups 'x-rated' on Poisonivy.mcom.com (collabra
3.52?? - version escapes me) that supported auth newsgroups.


    
    

    
  
too late for 1.4.1
Flags: blocking1.4.1? → blocking1.4.1-

    
    

    
  
Comment on attachment 130656 [details] [diff] [review]
overhauled patch for singleSignon pref

Too late for new features in 1.5.

        Attachment #130656 -
        Flags: approval1.5? → approval1.5-

    
    

    
  
when will this be included in the nighly builds?
i am still experiencing problem in:
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5b) Gecko/2003091905

especially if i read messages from diffent servers i will have to enter the
username/password more then once.
sometimes it works for one server to enter username/password only once, but then
not for the other.

    
    

    
  
It's all since late 20030916 builds. WFM with 2003091822 on Linux in all testcases.

But I only have one news server that requires authentication to test.
Do you say Mozilla to remember the username/password you enter?

    
    

    
  
why dont i just kill -9 myself!? ;-)
that was of course the problem, one server rememberd password the other did not,
now its working better.
many thanks!

    
    

    
  
Hi, How can I apply this patch to my version of thunderbird? This problem is
really annoying, but I don't know how to compile the mozilla/thunderbird source
myself. Is this fix going to be included in a future release?  If so when? Or
has it already been fixed?

    
    

    
  
We still have a problem if username/password haven't been remembered and the
user changes the newsgroup or server.

The code itself is still group based and so are mGroupUsername and
mGroupPassword part of the nsMsgNewsFolder class (as their names say).

IMHO we should redo the whole authentication code to make it server based.

    
    

    
  
Is the fix included in any of the nightly builds of Thunderbird? The bug is very
annoying when the computer is left on overnight, and the next day I am greeted
with a million newsgroup password boxes 

    
    

    
  
after a couple of days testing with the "always ask for password" option turned
off, i still get questions to enter usename and pasword. however they appear
much less frequent, only on one server.

to me is seems random so i cannot say exactly when it happens.

    
    

    
  
> after a couple of days testing with the "always ask for password" option
> turned off, i still get questions to enter usename and pasword. however
> they appear much less frequent, only on one server.

Do you have a "server" password stored in password manager?

Anyway, with the patch turned on and provided you enter a valid password Mozilla
should only ask once as it then exclusively tries the server password.

As ch.ey@gmx.net already pointed out, Mozilla's internal object model still uses
per group authentication so server password refers to the root folder's user
name and password entries in password manager.

As I still have no proof of it's usefullness, I believe per group authentication
should be dropped.

    
    

    
  
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6a) Gecko/20030924

This patch WFM. I have deleted all the logins for individual groups manually.
And I can still read news;-)

pi

    
  
Blocks: 219336

    
  
No longer blocks: 219336

    
    

    
  
*** Bug 221641 has been marked as a duplicate of this bug. ***

    
    

    
  
Hope this is the correct bug where to report, because bug 201749 (found with
`newsgroup password') was marked as a dupe of this:

Even if the default authentication method will be changed to per-server in the
future (which I agree with), it may be important that I never had the problem of
"forgetting" username and password for individual newsgroups until I had to
change from 100 MBit LAN connection to 56k dial-in a few weeks ago. That bug is
AFAIS independent of the Mozilla version used, for I did neither an up- nor a
downgrade.

Sorry if I bother you with known information. If so, please tell me the
respective bug.


\V/ Live long and prosper

PointedEars

    
    

    
  
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6a) Gecko/2003102504
(Seamonkey Full Installer)

The username and password is stored by server, not by group -- good.

The username/password screen still nags (I have Mozilla configured to check for
new newsgroup messages every 10 minutes) even if `Remember username/password'
was checked -- bad.

When username and password have been confirmed, Mozilla hangs (`Cancel' button
"works") -- very bad!

BTW: Mozilla's Navigator has always stopped while the username/password window
for MailNews(!) was displayed. Surprisingly, not the MailNews window but the
Navigator window requested user input (Windows Taskbar button blinks.)

The bug should therefore be reopened.


PointedEars

    
    

    
  
You're being asked for username/password although they're saved (per server) in
the Password Manager? You see the right data in the .s file?

If yes, although it never works, or does it sometimes?

If this all is true, this bugs issue is really fixed and you should report your
problems in e.g. bug 214533.

    
    

    
  
*** Bug 231273 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 34507 has been marked as a duplicate of this bug. ***
Product: MailNews → Core

    
  
No longer blocks: majorbugs
Product: Core → MailNews Core

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: