User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:126.96.36.199) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:188.8.131.52) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729) In the Aladdin eToken driver there is an option to enable SSO. This means that when a correct pin is used to log into the token, the token can then be used without a password. However, Firefox does not seem to obey this. User is allway prompted for the "Master password" of the token wheneve the token is accessed. I have talked to eSafe support and they indicate that: " November 25, 2009 2:33:13 PM from eToken Tech Support to All Participants: It seems the following: November 25, 2009 2:33:34 PM from eToken Tech Support to All Participants: We have a function in our Cryptography world which is called "C_Login" November 25, 2009 2:33:41 PM from eToken Tech Support to All Participants: This is how you login to the token November 25, 2009 2:33:59 PM from eToken Tech Support to All Participants: Now - most products uses "C_Login Null" November 25, 2009 2:34:29 PM from eToken Tech Support to All Participants: Which means that they're trying to authenticate with no password - if they get rejected, we pop-up for a PIN dialog November 25, 2009 2:35:07 PM from eToken Tech Support to All Participants: Now, Firefox, unlike most other applications, uses PKCS#11 and actually forcing "C_Login" without Null November 25, 2009 2:35:22 PM from eToken Tech Support to All Participants: Which means that each time they're doing a login operation, a login is required. November 25, 2009 2:36:12 PM from eToken Tech Support to All Participants: Once the Firefox Logs in once to the token - it'll always try to re-login to it upon launch of the Firefox session. November 25, 2009 2:37:09 PM from eToken Tech Support to All Participants: Firefox is not checking if they can get the certificate which is stored on the token without a PIN - they're trying to do a login directly with a PIN. " Reproducible: Always Steps to Reproduce: 1.Make sure PKI Client has SSO enabled 2.Insert token en log into the token 3.Start firefox 4. Visit an HTTPS page 5. Password dialog Actual Results: I was prompted for the token password Expected Results: Token would be used without password dialog as SSO is on
Reporter, are you still seeing this issue with Firefox 3.6.13 or later in safe mode? If not, please close. These links can help you in your testing. http://support.mozilla.com/kb/Safe+Mode http://support.mozilla.com/kb/Managing+profiles You can also try to reproduce in Firefox 4 Beta 8 or later, there are many improvements in the new version, http://www.mozilla.com/en-US/firefox/all-beta.html
Yes, the behaviour hasn't changed in either 3.6.13 or 4 Beta 8. even if the token is authenticated on the OS level FireFox will continue to prompt for the PIN.
No reply, INCOMPLETE. Please retest with Firefox 3.6.13 or later and a new profile (http://support.mozilla.com/kb/Managing+profiles). If you continue to see this issue with the newest firefox and a new profile, then please comment on this bug.
I have deleted my profile and recreated a new one. The device now doesn't prompt for a password, but is also not used in certificate selection. When I try to log into e.g. https://sbpvpn.schubergphilis.com/+CSCOE+/logon.html?a0=86&a1=&a2=&a3=1&reason=1 which should as me if I want to present my eToken certificate (I have it set to prompt me) only does that if I manually log into my token first via Tools->Options->Advanced->Security devices
This bug was reported using a pre-release version of Firefox 4. Now that Firefox 4.0.1 final has been released, can you please update and retest your bug? A fresh profile would be a good starting place to test, http://support.mozilla.com/kb/Managing+profiles. If you continue to see the issue, can you please update this bug with your results? Filter: firefox4prebugsunco
I am using latest (v26) firefox version, still encountering the same behaviour.
UA: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:26.0) Gecko/20100101 Firefox/26.0