User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; de; rv:126.96.36.199) Gecko/20100625 Firefox/3.6.6 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:188.8.131.52) Gecko/20100625 Firefox/3.6.6 While debugging a problem with a single-sign-on system I switched to private mode to test a case when no cookie is present and without kerberos negotiate auth, but negotiate auth still sent the credentials. This isn't a very common scenario, but I still think in private browsing mode negotiate auth should not sent credentials. Reproducible: Always Steps to Reproduce: 1. Go to a webpage the browser is configured to perform auth via negotiate auth to see if it is generally working 2. Switch on private mode 3. Go to the same webpage, is still working but shouldn't Expected Results: Authenticated with negotiate auth No authentication credentials should be sent
Reporter, can you still reproduce this bug in Firefox 6? Please update to Firefox 6 or later, update your plugins, and retest in a new profile. If you still see the issue with the updated version of Firefox, please post here. Otherwise, please close as RESOLVED > WORKSFORME.
The issue is still present. I am running openSuse 11.4 using MozillaFirefox 6.0-2.1 x86_64 from the openSuse Buildservice
Hello, this issue is still open to me using Firefox 35.0.1 on Windows 7 x64 as well as Windows 8.1 x64. I really think, Negotiate/Kerberos Credentials shouldn't be sent in Private Mode.
This is weird. If the credentials cache it's not properly isolated, then we really have a bug. I can take a look.
This is INVALID. Cannot reproduce and confirmed that we correctly isolate private auth cache from the regular one. I think you missmatched windows. If you have another steps to reproduce (probably more needs to be done) then please provide them and reopen this bug.