Closed Bug 610202 Opened 11 years ago Closed 11 years ago
ntlm-auth against squid only working if private browsing is enabled
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:220.127.116.11) Gecko/20101026 Firefox/3.6.12 (.NET CLR 3.5.30729) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:18.104.22.168) Gecko/20101026 Firefox/3.6.12 (.NET CLR 3.5.30729) If i enable private browsing, ntlm-authentication is working and my request get processed. I ran out of ideas. I'm using as username DOMAIN\username Is there anything specially handled when in private browsing is enabled? I tried this with following versions: Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:22.214.171.124) Gecko/20101026 Firefox/3.6.12 Mozilla/5.0 (Windows; U; Windows NT 5.2; de; rv:126.96.36.199) Gecko/20101026 Firefox/3.6.12 (.NET CLR 3.5.30729) Reproducible: Always Steps to Reproduce: 1. Point Firefox to use squid proxy on port 8080 Configure squid with: auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 external_acl_type NT ttl=5 children=5 %LOGIN /usr/lib/squid/wbinfo_group.pl acl inet_users external NT internetallowed acl dom proxy_auth REQUIRED http_access allow inet_users http_access deny !dom http_access deny all 3. browse to random page and get prompted for credentials - even though entered correctly, FF keeps poping up with the auth dialog over and over again 4. Enable private browsing forwards my request correctly and i see the requested page.
Update: What also works is, if i state about:config and continue from this place to some webpage. After providing the credentials, i get a successful authentication. This is really strange! So ntlm-auth is only working either by enabling private browsing or going to about:config and then enter the destination web-url. Am i missing something?
Here is another update - this is really nuts: If i change the firefox default webpage to something like www.google.de - i get authed instantly. Please bring some light into this.
There is a known bug (bug 592197) in FF4.0b6 caused by a change in Gecko2 but that shouldn't affect Gecko1.9.2 >3. browse to random page always include an example URL >1. Point Firefox to use squid proxy on port 8080 Only for http or also for https ? Is this a problem that only appeared in 3.6.12 or did you get this also with older builds like 3.6.11 ?
Component: Private Browsing → Networking: HTTP
Product: Firefox → Core
QA Contact: private.browsing → networking.http
Version: 3.0 Branch → 1.9.2 Branch
Mathias, 592197 is not really close to my problem. I tried google.de all the time. I did not try any https-Url as we're handling https-addresses differently. So this has nothing todo with this bug. We only want to access http-pages over this proxy in first instance. I'm gonna try older builds - is there an official mirror for older builds? After changing the default start-page to google.de i get the content. If i click on another link - visit a new page, i got again the popup-auth-dialog. Is this another known bug?
first you should try Firefox in the Firefox safemode http://support.mozilla.com/en-US/kb/Safe+Mode to be sure that this is not caused by an extension. Here are the release builds : ftp://ftp.mozilla.org/pub/firefox/releases/ You can try 3.6.0 to see if this ever worked in Gecko1.9.2 You can try additional builds between 3.5.0 and 3.6.12 if it works in 3.6.0 to get a regression range. and then you should try a nightly comm-central build from ftp://ftp.mozilla.org/pub/firefox/nightly/ (that is the coming FF4) if all the Gecko1.9.2 (FF3.6.x) builds are broken we need a http log if thus isn't a regression in Gecko1.6.2 Follow this instructions https://developer.mozilla.org/en/HTTP_Logging and attach a http log here using the "add an attachment" link above.
Matthias, it looks like i hit Bug 318253 with my popup problem. I will stick to 318253 to get this fixed. This report can be closed.
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 318253
You need to log in before you can comment on or make changes to this bug.