GNOME Bugzilla – Bug 646060
Cannot retry failed password with NTLM auth
Last modified: 2013-07-13 14:25:16 UTC
When I fat-finger my password using basic auth, the 'authenticate' signal gets called again with the 'retrying' parameter set to TRUE. My application can ask me again for the password, and the request is retried. Ad infinitum, I believe, until I hit 'cancel' and my application doesn't try again by calling soup_auth_authenticate() with another attempt at my password. This doesn't seem to work with NTLM auth. We always just get a hard failure after the first attempt. Is there a reason for that, or is it just an oversight? It makes it hard for my application to do the right thing — where the right thing is fairly much what libsoup does internally for basic auth. If the user hit *cancel* then just let the request fail. But if the user did try to enter a password, then I'm going to need to remember that and manually resubmit the request for myself in order to give the user another chance... ick.
Bug. The way it used to work is: during the initial NTLM handshake, if we get a 401 at the end, then re-emit authenticate. However, once we successfully complete an NTLM handshake with a username and password, don't ever return authenticate for it again, because Exchange WebDAV also uses 401 to mean "You don't have permission to view this page [but maybe if you gave a different username and password you would]", and you don't want the user to have to re-enter their password just because they clicked on a not-completely-public Public Folder. Arguably that's wrong, and it should emit authenticate even in the second case, and the app should just know to ignore it. But if you change that behavior, then evolution-exchange will probably need a patch.
*** This bug has been marked as a duplicate of bug 693222 ***