Multiple Proxy Authentication Required

RESOLVED FIXED in Thunderbird 11.0

Status

Thunderbird
Security
RESOLVED FIXED
9 years ago
6 years ago

People

(Reporter: Kai Stukenbrock, Unassigned)

Tracking

({helpwanted, regression})

Trunk
Thunderbird 11.0
helpwanted, regression
Dependency tree / graph
Bug Flags:
wanted-thunderbird +

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [fixed by bug 475053 and bug 535103])

(Reporter)

Description

9 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4
Build Identifier: TB 3.0b1

Sitting behind an authenticated proxy, after starting up, every single attempt to access the web creates its own authentication request popup. Since I have some 30 blogs subscribed, I get some 30 authentication requests at startup!

This is no issue in TB2, but makes TB3.0b1 an absolute no-go in a corporate or similar environment.

The following bug in Firefox is similar, but not fully, since Firefox also asks for the master password multiple times, which TB actually does only once
https://bugzilla.mozilla.org/show_bug.cgi?id=339804

Reproducible: Always

Steps to Reproduce:
1. Open Firefox (behind authenticated proxy, with proxy password stored, and secured by master password)

Actual Results:  
1. Request for master password pops up. Enter, click ok.
2. Some 30 requests for proxy authentication pop up

Expected Results:  
1. Request for master password pops up. Enter, click ok.
2. One request for proxy authentication pops up
There is a different bug for Firefox about asking for either Proxy or http Auth bugs multible times at session restore or if you load multible sites as homepage.
(Reporter)

Comment 2

8 years ago
This bug is still present in Beta 3, and is still extremely annoying.

The corresponding bugs in Firefox are being closed just now
https://bugzilla.mozilla.org/show_bug.cgi?id=339804
https://bugzilla.mozilla.org/show_bug.cgi?id=475053

It would be fantastic if this bug could therefore be closed before TB goes out of Beta!
(In reply to comment #2)
> It would be fantastic if this bug could therefore be closed before TB goes out
> of Beta!

If it's committed to the mozilla 1.9.1 branch, TB will get it in version 3. If not, then it won't.
(Reporter)

Comment 4

8 years ago
Hm, it seems the Firefox fixes will be going into 1.9.2a1...

Still, this is a major regression over TB2 behaviour and renders TB3 unusable in a corporate environment w/ authenticated proxy (whereas under TB2 this is working fine). Wouldn't this at least warrant an attempt at fixing this prior to TB3 release?

Updated

8 years ago
Component: General → Security
QA Contact: general → thunderbird
Version: unspecified → Trunk

Comment 5

8 years ago
Still happening on Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.4) Gecko/20091016 Firefox/3.5.4

Also happens when updating multiple plugins.
And even if entered the master password and aknowlegded the proxy user/password during plugin update, firefox will ask again when loading the initial tabs.

Comment 6

8 years ago
Given that firefox supports an incredible number of tabs which are saved between sessions and are reloaded upon start-up, and they ask for authentication then, this is a **** showstopper.
Duplicate of this bug: 531023
Duplicate of this bug: 533926
confirming based on dups.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: blocking-thunderbird3.1?
Duplicate of this bug: 535103
Duplicate of this bug: 537682

Comment 12

7 years ago
this bug is preventing us from deploying TB3 in our firm... so i hope that it will be resolved for TB3.1

Comment 13

7 years ago
Don't care anymore, switching browsers has solved this problem.
This appears to be more fallout from the various prompting changes that happened in Mozilla 1.9.  Giving to Standard8, since he's the expert here.  Given the DUPs, and if this is preventing organizations from upgrading Tb2 to Tb3, I think this probably wants to block 3.1.  Marking as needed+ and leaving to Standard8 to target further.

Roland, have you see any complaints about this in GS?
Assignee: nobody → bugzilla
blocking-thunderbird3.1: --- → needed
Flags: blocking-thunderbird3.1?
Keywords: regression
I haven't heard any complaints about this.(In reply to comment #14)
> This appears to be more fallout from the various prompting changes that
> happened in Mozilla 1.9.  Giving to Standard8, since he's the expert here. 
> Given the DUPs, and if this is preventing organizations from upgrading Tb2 to
> Tb3, I think this probably wants to block 3.1.  Marking as needed+ and leaving
> to Standard8 to target further.
> 
> Roland, have you see any complaints about this in GS?
Haven't seen any complaints about this in GS, but I may have missed a few.

Comment 16

7 years ago
As a workaround for a convenient use of TB3 even with a big number of rss feeds you can enter credentials into the first of the authentication dialogs and then right click your inbox tree item to open TB in a new window - fortunately authentication dialogs are not modal. After opening the new instance the old one can be closed including all of its dialogs.

Updated

7 years ago
blocking-thunderbird3.1: needed → beta2+
We're resetting the blocking flag for 3.1 on this bug and instead setting the wanted-thunderbird+ flag. We have too many blocking-3.1 bugs, to the point where it doesn't mean much, and managing the list is making it hard to actually work on closing bugs, which helps no one.

Thunderbird 3.1's primary purpose is to allow us to offer a prompted major update to Thunderbird 2 users, to ensure their continued ability to safely use Thunderbird.  Thunderbird 2 is built on an outdated version of Gecko, and our long-term ability to maintain the users' safety for Thunderbird 2 users is limited.

If you think this bug meets the requirements below, please renominate with a detailed explanation of how it meets the following two criteria, and we will reconsider.  To qualify, this bug must either:

a) make the upgrade experience from TB2 very painful for a large number of users

or

b) be a new, reproducible, severe quality issue (eg dataloss, frequent crashes)

Just because this bug doesn't block TB3.1 doesn't mean it can't or won't make the release.  Once they're done with their blockers (if any), we encourage developers to keep working on non-blocking bugs, and to try to land them as early in the cycle as possible, as non-blocking bugs will become increasingly difficult to land in the later stages of the cycle.
blocking-thunderbird3.1: beta2+ → ---
Flags: wanted-thunderbird+
OS: Windows XP → All
Hardware: x86 → All
Duplicate of this bug: 573526

Comment 19

7 years ago
As a workaround to this annoying behavior, after launching TB, I look for an update of the tool via "?" menu. This triggers an authentication to the proxy and then everything is OK.

Hope it helps.

Comment 20

7 years ago
Same here 

Version : Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.9.2.8)
Gecko/20100802 Thunderbird/3.1.2

SO      : Windows XP SP3

Proxy Server  : squid Version 2.6.STABLE21  (with authentication ,working fine
with any browser)

Problem:
Asked for user and password for each link, in the first email with external content.

Comment 21

6 years ago
In our organization, we currently deploy Thunderbird 3.1. As we use authenticated web proxies, some of our users who received mails like html newsletters experienced an authentication request for each element stored on the Web.

As said in previous comments, this behavior didn't exist with older versions of  Thunderbird (1.5, 2.0). 

Obviously, people who receive this kind of newsletters are mainly part of the direction staff. So one can consider this bug as being in high exposure...
I'm not working on this at the moment so reassign to nobody, but setting as helpwanted.

I would suggest that folks check if this is still an issue in the Miramar preview builds as I believe some changes have gone in there.

If it is related to what I think it is, then I would expect that 3.1 would probably prompt once per protocol on startup. If its not, then I've got no idea what is going on as the core html protocol code should be handling the proxy just fine (assuming the equivalent Firefox version is handling it fine as well).
Assignee: bugzilla → nobody
Keywords: helpwanted

Comment 23

6 years ago
Are there any known workarounds to this issue that would avoid username / password authentication requests for each image (when loading an HTML message with embedded images) ?

Thanks,

Patrick

Comment 24

6 years ago
(In reply to comment #23)
> Are there any known workarounds to this issue that would avoid username /
> password authentication requests for each image (when loading an HTML
> message with embedded images) ?

Workaround: Before clicking on a rich html mail (like an advertising mail or a newsletter), select View -> Message Body As -> Simple HTML to prevent all attempt of downloading images. Then, if you want to see the original version, click on the usual link "If this e-mail doesn't display correctly to you please click here" to display the web page on your default browser.

Comment 25

6 years ago
(In reply to comment #24)
> Workaround: ...select View -> Message Body As -> Simple HTML ... Then, if you want to see the original version, click on the usual link "If this e-mail doesn't display correctly to you please click here" ...

Thats no workaround, but a bad joke!
A Workaround may would be something to force TB to display some sort of a "starting page" containing a 1x1 pixel EXTERNAL IMAGE so it would ask the user just ONE TIME (at programm start) for a proxy authentication. But i dont know if that would be possible and how to do put that into the users config. 

PLEASE CHECK OUT THE DATE OF THIS BUG! Its been YEARS now. Is it realy that hard to recheck the credentials lookup routine at the proxy auth. module  and also add a "remember credentials" checkbox to the proxy auth. dialog? i realy wished i would have better code experience to check it all by myself. but im not that experienced. 

best wishes
Axel
Duplicate of this bug: 576494

Comment 27

6 years ago
WOW still not working...

Well after mozilla last comments about the enterprise users ... no surprises here.

I already gave up, and uninstalled thunderbird from almost all machines in our company.

But i tested the Seamonkey e-mail client some time ago, and its was not affected by this bug. its very lightweight and simple , you just have to set the mail client as the default app.

best regards fellas.

Comment 28

6 years ago
Nah ! ... seamonkey has the same problem ...

Comment 29

6 years ago
Still have this blocking Problem with TB 5, 6 .....
After some re-examination, I believe this will be fixed when bug 535103 is fixed. This bug actually appears to cover two issues:

1) The fact that you can't save your password for proxy dialogs. This is covered by bug 535103.

2) If you didn't save your password but still entered it correctly, you would get multiple dialogs. This was fixed by bug 475053, but the first issue has overrode the fix.

Bug 535103 now has a patch on which should land in the next day or two. I'll resolve this when it lands and point people to where the test builds will be.
Depends on: 535103, 475053
Bug 535103 has just landed and this should be fixed in trunk (TB 11) builds, we may be backporting to releases so this gets out earlier.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Whiteboard: [fixed by bug 475053 and bug 535103]
Target Milestone: --- → Thunderbird 11.0
You need to log in before you can comment on or make changes to this bug.