Closed Bug 67465 Opened 24 years ago Closed 23 years ago

Mozilla prompts for id & pass when accessing sites w/ certificates from behind a firewall

Categories

(Core Graveyard :: Security: UI, defect)

Product:
Core Graveyard
Component:
Security: UI
Version:
1.0 Branch
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
psm2.0

People

(Reporter: le_jawa, Assigned: javi)

References

(
URL
)

Details

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; m18) Gecko/20010201
BuildID:    2001020104

I cannot access my webmail site from work because Mozilla's security won't play
nice with our HTTPS firewall (brand unknown).  I get prompted to enter my
firewall user id and password when I go to a secure site; after I do, the page
never renders.  Mozilla shouldn't even prompt for firewall authentication once
I've already logged in to the firewall.



Reproducible: Always
Steps to Reproduce:
1.  Open Mozilla to a public internet site  (for example, http://www.mozilla.org.
2.  Mozilla prompts for my firewall usderid and password.  I have this stored by
the Password Manager, so I just click 'OK'.
3.  After the page renders, I click on my bookmark to https://mail.xmission.com.
 For some reason, Mozilla prompts me for my firewall password.
4.  I re-enter my firewall userid and pasword and click 'OK'. 


Actual Results:   The page never renders -- I don't get a chance to enter my
user id and password for my mail account.  In past nightlies, I was able to
enter my firewall u-id and password and go on to the site.


Expected Results:  It shouldn't prompt me to re-authenticate with the firewall.
 I should go straight to the login page for my mail account.

Additional Comments:  My userid and password for my mail account are not stored
with the password manager.  I just installed this build after un-installing a
previous build and deleting my Users50 folder.
->Crypto. Maybe incompatible SSL versions?
Assignee: mstoltz → ddrinan
Component: Security: General → Security: Crypto
QA Contact: ckritzer → junruh
Unlikely.  I only encounter this problem when behind a firewall.  I get to the
site from home just fine.
I have also noticed this bug. And the problem also only exists when I am trying
to connect to a secure site from behind our corporate firewall.
Reassigning
Assignee: ddrinan → javi
Status: UNCONFIRMED → NEW
Ever confirmed: true

*** This bug has been marked as a duplicate of 31174 ***
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE
vrfy dup
Status: RESOLVED → VERIFIED
Re-opening.   This never was a dupe, but a whole seperate problem, which still
has not been resolved.  This is in part my fault for not testing it properly; I
finally found the real problem:  

Mozilla will not logon to sites that use certifcates when behind a firewall. 
There are actually two problems here (the second I will report in another bug) 

1.) When Mozilla encounters a site that uses certificates AND is being used
behind a firewall, it prompts for the firewall username and password.  Expected
result: no prompt.  

2.) If you enter your firewall id and pass, Mozilla will begin to render the
page, then crash or freeze, depending on the build. 2001040904 freezes.  This
will be reported in another bug.

Here are the new steps to reproduce:
1.) Start Mozilla behind a firewall and point to a site that uses certificates.
 Examples are: 
https://www.palm.net/Registration/RegistrationNewUser.jsp?doSSL=1
https://mail.xmission.com
2.) Mozilla will prompt for password and id.  This should not occur.


Changes made to bug report:
- Re-opened
- changed summary to reflect real problem
- added comments
Severity: major → critical
Status: VERIFIED → REOPENED
Resolution: DUPLICATE → ---
Summary: Cannot log in to secure web sites requiring authentication when logged into proxy. → Cannot log in to secure web sites that use certificates when behind firewall
See also bug #75237
Summary: Cannot log in to secure web sites that use certificates when behind firewall → Mozilla prompts for id & pass when accessing sites w/ certificates from behind a firewall
Mass changing of product. Browser:Security:Crypto --> PSM 2.0
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.0
What kind of firewall is in play here?  Something's not clicking with me on this
problem.  Many of us are behind corporate firewalls and don't have any problems.  

Setting target to PSM 2.0 so it gets addressed soon.
Target Milestone: --- → 2.0
In response to your question:  its an HTTPS firewall (brandname: Interlock)
running on an NT server (I believe).  User id and password are required for
access to the internet.  I am configured to connect to the firewall on port 80
for HTTP, SSL, FTP, and Gopher.

I also reported this problem on other certifate-enabled sites such as
registration for MyPalm. (
https://www.palm.net/Registration/RegistrationNewUser.jsp?doSSL=1 )
but I now only see the problem at https://mail.xmission.com . (If you try this
site, make sure you type https, or the site will assume you want the http version.)

All bugs for this have now been resolved EXCEPT ONE.  Here's how to reproduce:

1.)  From behind firewall, access the Internet by logging into the firewall. 
Visit a favorite site or two.
2.)  Now type in the URL bar https://mail.xmission.com and hit enter.
3.)  Mozilla will prompt for firewall id and pass.  It should not.
4.)  Here's the big improvement.  Enter your firewall id and pass and hit enter.
Mozilla will finally let you into the site.  I couldn't get this far previously.
 Thanks guys!

All that's left to fix is the unnecessary firewall login.
Looks like this was just fixed in 20001053004.  Fantastic!
Marking fixed per reporter's comment.
Status: REOPENED → RESOLVED
Closed: 24 years ago23 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED
Verified.
Product: PSM → Core
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.