Closed
Bug 226456
Opened 21 years ago
Closed 20 years ago
failover to basic auth if NTLM doesn't succeed?!?
Categories
(Core :: Networking: HTTP, defect)
Core
Networking: HTTP
Tracking
()
RESOLVED
WORKSFORME
Future
People
(Reporter: darin.moz, Assigned: darin.moz)
References
Details
>------- Additional Comment #208 From d. oertel 2003-11-21 03:39 -------
>Is there any possibility to disable NTLM authentification ?
>We have a lot trouble with bad configured MS-Webservers.
>These sites are not accessable since mozilla 1.3 because Mozilla now
>tries NTLM and fail.
>But basic authentification works well.
perhaps we should failover to basic auth if NTLM doesn't succeed?!? we can only
do so if the user is adequately informed that they would be using a less secure
authentication scheme. part of the solution to this bug exists today. a user
can cancel a NTLM auth prompt, and they will then be prompted for Basic
authentication. (i'm not sure that is very clear to users, but it exists.)
|
||
Comment 1•21 years ago
|
||
Is there an easy way to know why NTLM didn't succeed? Chances are the user just
entered their password wrong, in which case they probably will just want to keep
trying.
Maybe mozilla should just have a config property to disable NTLM support altogether.
|
Assignee | |
Comment 2•21 years ago
|
||
yeah, that might make more sense. i agree that we should keep prompting for
NTLM first since it could just be the case that the user mistyped their username
and/or password.
|
|
||
Comment 3•21 years ago
|
||
Although it deserves another bug, it would be nice if the password prompt told
you want type of authentication it was going to be used for. Basic, Digest,
NTLM, other.
|
||
Comment 4•21 years ago
|
||
that's bug 115500
because this problem blocks a roll out of 2500 Mozilla installations
we have searched and found a dirty work around:
in file compreg.dat
changing line
@mozilla.org/network/http-authenticator;1?scheme=ntlm,{bbef8185-c628-4cc1-b53e-e61e74c2451a}
to
;@mozilla.org/network/http-authenticator;1?scheme=ntlm,{bbef8185-c628-4cc1-b53e-e61e74c2451a}
it seems to work
we are happy about every better idea
|
|
Assignee | |
Comment 6•21 years ago
|
||
d. oertel: yes, that will work. my plan is to work on improving the auth
dialogs during the 1.7 cycle, and possibly work on adding a disable NTLM preference.
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.7alpha
|
|
Assignee | |
Updated•21 years ago
|
Target Milestone: mozilla1.7alpha → mozilla1.7beta
|
|
Assignee | |
Updated•21 years ago
|
Target Milestone: mozilla1.7beta → mozilla1.8alpha
|
|
Assignee | |
Comment 7•20 years ago
|
||
so, we currently try NTLM and if that fails, we try the next auth scheme. that
seems to suggest that this bug is fixed, per the summary. we need to improve
our auth dialogs in order to make the failover more prominent. that's bug
115500, so marking this bug WORKSFORME.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → WORKSFORME
Target Milestone: mozilla1.8alpha1 → Future
|
|
Assignee | |
Comment 8•20 years ago
|
||
FYI, failover was added in bug 180049
You need to log in
before you can comment on or make changes to this bug.
Description
•