Closed Bug 94775 Opened 24 years ago Closed 23 years ago

Chosing "remember password" and entering a wrong password doesn't bring the password dlg for mail again

Categories

(SeaMonkey :: MailNews: Account Configuration, defect, P2)

Product:
SeaMonkey
Component:
MailNews: Account Configuration
Platform:
x86
All
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED
Milestone:
mozilla1.0

People

(Reporter: marina, Assigned: cavin)

References

Details

(Whiteboard: [ADT2 RTM])

Attachments

(4 files)

Fix the problem.
2.90 KB, patch
asa
: approval+
Details | Diff | Splinter Review
Fix original problem for the bug, v1
1.15 KB, patch
Bienvenu
: superreview+
Details | Diff | Splinter Review
Fix webmail/aol login problem, v1
667 bytes, patch
dmosedale
: review+
Bienvenu
: superreview+
Details | Diff | Splinter Review
Merged patch from fixes for bugs 94775, 147022, 148520
1.82 KB, patch
jesup
: review+
jesup
: superreview+
jesup
: approval+
Details | Diff | Splinter Review
*** observed with 2001-08-09 build ( present in 0.9.2 as well) **** Steps to reproduce: - setup the Web mail account through the account wizard; - chose the web mail account, select the Inbox; - when prompted to enter your password enter a wrong one and check the box for the pasword being remembered; //note: you get 4 "Login failed" notifications and then the connection to the server is lost, the chance to re-enter a correct pasword never comes up ( it doesn't happen with other accounts, the password dlgbox will come up for you to enter a correct password)
OS: Windows 2000 → All
Appears to be a Webmail/AOL specific problem in conjunction with Password Manager. Workaround: I had to select Tasks|Privacy & Security|Password Manager|Clear Sensitive Information, exit/restart, then the login dialog appeared again. Setting QA Contact to huang.
QA Contact: nbaca → huang
reassigning to Cavin. Webmail/AOL bugs should be bugscape bugs.
Assignee: racham → cavin
Cavin, what are we going to do with this bug? i filed bug # 10147 in bugscape for this problem.
This has started happening for me in the past few days. It appeared about the same time as bug#101575 which makes me think they may be related. I have avoided clearing all my security info in hopes of finding a culprit. Since both bugs come and go (I change that password every month and use about every third daily build...) I wonder if it isn't something out of sync in the .js or reg info.
I had to delete the remembered password that was no longer valid from security manager to be asked for new one. But by now I do not get any passowrds for mail remembered.
Adding keyword 'nsbeta1+' since the corresponding bugscape bug 10147 has it.
Keywords: nsbeta1+
Priority: -- → P2
Target Milestone: --- → mozilla1.0
Related info from corresponding bugscape bug: ------ Additional Comment #4 From Cavin Song 2002-03-28 16:59 ------- Other than the problem described in the bug the following is also fixed: No password dialog shows up if you enter a wrong password and hit OK the 1st time. You get an error dialog ("Login failed") and that's it, plus the busy cursor is never turned off. A patch is coming which involves both mozilla and ns changes. ------- Additional Comment #5 From Cavin Song 2002-03-28 17:00 ------- Created an attachment (id=4907) Proposed mozilla patch, v1 Patch on the mozilla tree. ------- Additional Comment #6 From Cavin Song 2002-03-28 17:02 ------- Created an attachment (id=4908) Proposed ns patch, v1 Patch on the ns tree. ------- Additional Comment #7 From Cavin Song 2002-03-28 17:10 ------- The patch to the mozilla mainly, in case of login error, resets the url state so that next login will be successful. The patch ns tree mainly resets the internally stored user id and redirector type since the login was not successful. ------- Additional Comment #8 From bienvenu@netscape.com 2002-03-29 08:17 ------- re the mozilla patch, two things: 1. The name of the variable Reset... should be reset..., lower case r. 2. Could you move the code the gets queue element 0 and QI's it to an nsImapUrl to one place, instead of having (with your change) 3 places where we do that? This would involve probably declaring the local imap url comptr at the top level of the function, but only setting it if urlqueue count > 0, then checking if it was non null in the other two places where we're pulling it out of the url queue. the ns patch looks good, r=bienvenu on that one. ------- Additional Comment #9 From Cavin Song 2002-03-29 10:14 ------- Created an attachment (id=4918) Incorporated review comments. ------- Additional Comment #10 From bienvenu@netscape.com 2002-03-29 10:19 ------- r=bienvenu for the third patch. ------- Additional Comment #11 From Scott MacGregor 2002-03-29 13:14 ------- (From update of attachment 4918 [details] [diff] [review]) sr=mscott
Attached patch Fix the problem.Splinter Review
Comment on attachment 76801 [details] [diff] [review] Fix the problem. a=asa (on behalf of drivers) for checkin to the 1.0 trunk
Attachment #76801 - Flags: approval+
Fix checked in.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Reopening this bug and updating the summary to general IMAP accounts since I can reproduce this problem for judge/nsmail-1 accounts too. This is not specific for Webmail -- Removing Webmail on the summary. Build 05-20-08-1.0.0
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Summary: Chosing "remember password" and entering a wrong password doesn't bring the password dlg for Web mail again → Chosing "remember password" and entering a wrong password doesn't bring the password dlg for mail again
Discussed at mail news bug meeting. Decided to [ADT2 RTM]this bug.
Whiteboard: [ADT2 RTM}
Two problems with the (original) bug: 1. We need to create wallet service for "login-failed" notification so that when login fails the cached password can be removed. This problem has been fixed by bug 121926 so it's no longer a problem. 2. Even if (1) is implemented we still can't remove/reset the cached password because the stored 'passwordRealm', basically an url like "imap://username@hostname.com", does not match the one that is used to locate/find the cached password when login fails. So, when users first login and check the "Remember password" checkbox we store something like: "imap://test13nscp@imap.mail.aol.com" in the cache. This is done by the GetServerURI() call in nsMsgIncomingServer::GetPasswordWithUI() before calling PromptPassword(). Then when login fails (due to wrong password) we try to locate the cached password using the following url: "imap://test13nscp@imap.mail.aol.com/" Note that this time we append a '/' to the end of the url, and because these two strings don't match we can't find the cached password and thus can't clean it up. This is done by the GetSpec() call in nsWalletlibService::Observe() before calling SI_RemoveUser(). The easy way to fix this is to append server delimiter to the end of an url in nsMsgIncomingServer::GetPasswordWithUI() before passing it to PromptPassword().
Cavin, does that mean that the site will show up as "imap://user@host/" ? It would be nicer if it showed up as imap://user@host w/o the trailing slash - would it be possible to remove the trailing slash, if any?
Ccing morse for this issue. Can you take a look at comment #13 and see if you have a better idea of fixing it? Thanks. The bottom line is that we call SetSpec() with one string and GetSpec() returns a different one (with trailing '/').
If I'm understanding this correctly, the fix proposed in comment 13 will start adding new logins for the realm having the slash whereas there will be legacy logins already saved without the slash. So does that mean that when the user displays his various webmail logins (using the password-manager dialog) he'll see some with the slash and some without it? Also will the old legacy logins no longer be prefilled for the user? Another fix would be to modify password manager so that its test for a match should ignore trailing slashes on the realm.
Yes, we can also fix it in the password mgr (ie, in si_RemoveUser()) to ignore the trailing slash when comparing realms. But I'm not sure if this will break other things since I don't know all the cases where this function will be called. So you think this is safe to do?
Yes, it should be safe. The trailing slash should never make a difference, so it may be that other clients of password-manager were having the same problem but didn't know it yet.
OK, I'll make the change and you can review it. Thanks.
Strip off trailing ''/ of input realm, if present, before making comparison in si_GetURL().
morse, can you review the patch? Thx.
patch looks good to me. Just some really minor nits: put "if (urlCount) {" all on one line to be consistent with my style throughout rest of file looks like your patch inadvertently introduced an extra indentation on the line starting with "if(url->passwordRealm..." r=morse with or without those fixed.
Comment on attachment 84839 [details] [diff] [review] Fix original problem for the bug, v1 sr=bienvenu
Attachment #84839 - Flags: superreview+
Fix checked in.
Status: REOPENED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → FIXED
Keywords: adt1.0.0
this appears to have caused a nice string related crash, reviewers need to be aware of the behavior of ::Last. it will shoot you for calling it on an empty string. morse believes this caused bug 147022 and whichever other duplicate stacks we get today/tomorrow.
Blocks: 147022
Cavin, how does this differ from 121926 and was the string crash that timeless mentions caused by this?
To fix this problem we need the patch from bug 121926 (which was fixed prior to my work on this), plus the patch I submitted in this bug (to cleanup the cached password since users want passwords to be remembered). See comment #13 for details. Bug 147022 is caused by the patch of this bug because we did not make sure the 'password realm' is not null or empty before making a call to string's Last() routine.
Keywords: adt1.0.1
Karen, can you verify this on the trunk? Cavin, will you check in your fix to 147022 as part of this checkin or should we nominate that as well?
Keywords: adt1.0.0
Let's nominate 147022 as well. It's easier to track the problem that way.
Hmm, I must have used mozilla to test aol mail accounts and it actually worked as I expected. A patch is coming to fix the webmail/aol login problem. The previous patch fixes the generic imap server login problem.
When redirect login fails, invoke ForgetPassword(), instead SetPassword(nsnull), to clean up all cached passwords.
Yes. When I verified on yesterday trunk build. The original fix did work on Netscape Messaging Server(dredd), but did not work for AOL and Webmail. Hope above fix will fix it all.......
Comment on attachment 85882 [details] [diff] [review] Fix webmail/aol login problem, v1 sr=bienvenu
Attachment #85882 - Flags: superreview+
Comment on attachment 85882 [details] [diff] [review] Fix webmail/aol login problem, v1 r=dmose@netscape.com
Attachment #85882 - Flags: review+
Fix checked into the trunk.
Verified on 06-03-08-trunk build: Netscape Messaging Server: dredd/judge -> Passed AOL IMAP: Passed Netscape Webmail: Passed Password dialog did prompt again after type in and remember this wrong password.
Marking as verified.
Status: RESOLVED → VERIFIED
*** Bug 149156 has been marked as a duplicate of this bug. ***
adding adt1.0.1+ for checkin to the branch along with 147022 and 148502. Please get drivers approval before checking in.
Keywords: adt1.0.1adt1.0.1+, mozilla1.0.1
Since this bug along with 147022 and 148520 are related I'm going to post a patch which shows all the changes that will be checked into the branch. This way we can all see what has been changed to fix all 3 bugs.
This is what'll be cheked into the branch once it's approved.
please checkin to the 1.0.1 branch. once there remove the "mozilla1.0.1+" keyword and add the "fixed1.0.1" keyword.
Keywords: mozilla1.0.1mozilla1.0.1+
Comment on attachment 86709 [details] [diff] [review] Merged patch from fixes for bugs 94775, 147022, 148520 please check into the 1.0.1 branch ASAP. once landed remove the mozilla1.0.1+ keyword and add the fixed1.0.1 keyword
Attachment #86709 - Flags: superreview+
Attachment #86709 - Flags: review+
Attachment #86709 - Flags: approval+
Fix landed in the branch.
Keywords: mozilla1.0.1+fixed1.0.1
Verified on branch build for all the platforms: Windows2000 06-10-08-1.0.0 Linux 06-10-07-1.0.0 Mac 06-10-05-1.0.0 Netscape Messaging Server: dredd/judge -> Passed AOL IMAP: Passed Netscape Webmail: Passed Password dialog did display again after type in and remember this wrong password. Changing keywords from fixed1.0.1 to verified1.0.1.
Keywords: fixed1.0.1verified1.0.1
*** Bug 151559 has been marked as a duplicate of this bug. ***
Whiteboard: [ADT2 RTM} → [ADT2 RTM]
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: