Mozilla prompts for id & pass when accessing sites w/ certificates from behind a firewall

VERIFIED FIXED in psm2.0

Status

Core Graveyard
Security: UI
--
critical
VERIFIED FIXED
17 years ago
a year ago

People

(Reporter: Jason Lewis, Assigned: Javier Delgadillo)

Tracking

1.0 Branch
psm2.0
x86
Windows 2000

Firefox Tracking Flags

(Not tracked)

Details

(URL)

(Reporter)

Description

17 years ago
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; m18) Gecko/20010201
BuildID:    2001020104

I cannot access my webmail site from work because Mozilla's security won't play
nice with our HTTPS firewall (brand unknown).  I get prompted to enter my
firewall user id and password when I go to a secure site; after I do, the page
never renders.  Mozilla shouldn't even prompt for firewall authentication once
I've already logged in to the firewall.



Reproducible: Always
Steps to Reproduce:
1.  Open Mozilla to a public internet site  (for example, http://www.mozilla.org.
2.  Mozilla prompts for my firewall usderid and password.  I have this stored by
the Password Manager, so I just click 'OK'.
3.  After the page renders, I click on my bookmark to https://mail.xmission.com.
 For some reason, Mozilla prompts me for my firewall password.
4.  I re-enter my firewall userid and pasword and click 'OK'. 


Actual Results:   The page never renders -- I don't get a chance to enter my
user id and password for my mail account.  In past nightlies, I was able to
enter my firewall u-id and password and go on to the site.


Expected Results:  It shouldn't prompt me to re-authenticate with the firewall.
 I should go straight to the login page for my mail account.

Additional Comments:  My userid and password for my mail account are not stored
with the password manager.  I just installed this build after un-installing a
previous build and deleting my Users50 folder.
->Crypto. Maybe incompatible SSL versions?
Assignee: mstoltz → ddrinan
Component: Security: General → Security: Crypto
QA Contact: ckritzer → junruh
(Reporter)

Comment 2

17 years ago
Unlikely.  I only encounter this problem when behind a firewall.  I get to the
site from home just fine.

Comment 3

17 years ago
I have also noticed this bug. And the problem also only exists when I am trying
to connect to a secure site from behind our corporate firewall.

Comment 4

17 years ago
Reassigning
Assignee: ddrinan → javi
Status: UNCONFIRMED → NEW
Ever confirmed: true

Comment 5

17 years ago

*** This bug has been marked as a duplicate of 31174 ***
Status: NEW → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → DUPLICATE

Comment 6

17 years ago
vrfy dup
Status: RESOLVED → VERIFIED
(Reporter)

Comment 7

17 years ago
Re-opening.   This never was a dupe, but a whole seperate problem, which still
has not been resolved.  This is in part my fault for not testing it properly; I
finally found the real problem:  

Mozilla will not logon to sites that use certifcates when behind a firewall. 
There are actually two problems here (the second I will report in another bug) 

1.) When Mozilla encounters a site that uses certificates AND is being used
behind a firewall, it prompts for the firewall username and password.  Expected
result: no prompt.  

2.) If you enter your firewall id and pass, Mozilla will begin to render the
page, then crash or freeze, depending on the build. 2001040904 freezes.  This
will be reported in another bug.

Here are the new steps to reproduce:
1.) Start Mozilla behind a firewall and point to a site that uses certificates.
 Examples are: 
https://www.palm.net/Registration/RegistrationNewUser.jsp?doSSL=1
https://mail.xmission.com
2.) Mozilla will prompt for password and id.  This should not occur.


Changes made to bug report:
- Re-opened
- changed summary to reflect real problem
- added comments
Severity: major → critical
Status: VERIFIED → REOPENED
Resolution: DUPLICATE → ---
Summary: Cannot log in to secure web sites requiring authentication when logged into proxy. → Cannot log in to secure web sites that use certificates when behind firewall
(Reporter)

Comment 8

17 years ago
See also bug #75237
(Reporter)

Updated

17 years ago
Summary: Cannot log in to secure web sites that use certificates when behind firewall → Mozilla prompts for id & pass when accessing sites w/ certificates from behind a firewall

Comment 9

17 years ago
Mass changing of product. Browser:Security:Crypto --> PSM 2.0
Component: Security: Crypto → Client Library
Product: Browser → PSM
Version: other → 2.0

Comment 10

17 years ago
What kind of firewall is in play here?  Something's not clicking with me on this
problem.  Many of us are behind corporate firewalls and don't have any problems.  

Setting target to PSM 2.0 so it gets addressed soon.
Target Milestone: --- → 2.0
(Reporter)

Comment 11

17 years ago
In response to your question:  its an HTTPS firewall (brandname: Interlock)
running on an NT server (I believe).  User id and password are required for
access to the internet.  I am configured to connect to the firewall on port 80
for HTTP, SSL, FTP, and Gopher.

I also reported this problem on other certifate-enabled sites such as
registration for MyPalm. (
https://www.palm.net/Registration/RegistrationNewUser.jsp?doSSL=1 )
but I now only see the problem at https://mail.xmission.com . (If you try this
site, make sure you type https, or the site will assume you want the http version.)

All bugs for this have now been resolved EXCEPT ONE.  Here's how to reproduce:

1.)  From behind firewall, access the Internet by logging into the firewall. 
Visit a favorite site or two.
2.)  Now type in the URL bar https://mail.xmission.com and hit enter.
3.)  Mozilla will prompt for firewall id and pass.  It should not.
4.)  Here's the big improvement.  Enter your firewall id and pass and hit enter.
Mozilla will finally let you into the site.  I couldn't get this far previously.
 Thanks guys!

All that's left to fix is the unnecessary firewall login.
(Reporter)

Comment 12

17 years ago
Looks like this was just fixed in 20001053004.  Fantastic!

Comment 13

17 years ago
Marking fixed per reporter's comment.
Status: REOPENED → RESOLVED
Last Resolved: 17 years ago17 years ago
Resolution: --- → FIXED

Updated

17 years ago
Status: RESOLVED → VERIFIED

Comment 14

17 years ago
Verified.

Updated

13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

10 years ago
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.