Previous 1 2 3 Next 31 Replies Latest reply: Mar 2, 2015 9:50 AM by RogWilco Go to original post
  • tb06 Level 1 (0 points)

    I've seen this, too, consistently since the Lion upgrade. Safari 5.1.1 has not fixed it. I see this without a 301 or 302 redirect involved in accessing the page. It is extremely frustrating! The AutoFill lilsted below did not help in my case.

  • ctangent Level 1 (0 points)

    The issue I just posted seems to be related to the problem you describe:

    https://discussions.apple.com/thread/3772253?start=0&tstart=0

     

    I was able to reproduce an issue using the HTML 5 audio tag and the drupal_goto method in Drupal. In both cases, in Safari 5.0.5 and Safari 5.1.2, in the apache logs, the initial requests to the page include the authenticated user, but the request to download the audio file or the request to go to a new page somehow did not send the authentication information because the request in the log doesn't include anything.

     

    So for example, I am authenticated by apache and submit a form. The page processes the form then uses drupal_goto to redierct to another page. From Chrome, the following appears in the apache log:

    ::1 - tom [02/Feb/2012:17:23:46 -0500] "POST /drupal/node/6?q=node/6 HTTP/1.1" 302 502

    ::1 - tom [02/Feb/2012:17:23:46 -0500] "GET /drupal/node/8 HTTP/1.1" 200 3019

     

    When I do the same thing in Safari:

    ::1 - tom [02/Feb/2012:17:25:50 -0500] "POST /drupal/node/6?q=node/6 HTTP/1.1" 302 502

    ::1 - - [02/Feb/2012:17:25:50 -0500] "GET /drupal/node/8 HTTP/1.1" 401 401

    ::1 - tom [02/Feb/2012:17:25:55 -0500] "GET /drupal/node/8 HTTP/1.1" 200 3019

     

    The request after the goto doesn't include authentication information - and I have to put in my username and password.

     

    This is an annoyance in the case of redirection - having to reauthenticate every time - but in the case of HTML 5 audio it is fatal. The audio file specified in the source tag simply does not load.

  • Enjolras Level 1 (0 points)

    Today, Apple released Safari 5.1.4. This problem is still not resolved.

  • mike.l.r Level 1 (0 points)

    Looks like it's fixed in Safari 6. Finally.

  • chgobearmike Level 1 (0 points)

    Nope.  Not fixed in Safari 6.  It is very anoying to have to keep logging in twice. 

  • mike.l.r Level 1 (0 points)

    Weird, it's most definitely working for me now. Tested on three different computers (Lion and Mountain Lion): the webpage login details are not in Keychain and on basic 301, 302, 303 and 307 redirects the "Authorization:Basic" is included in the redirected HTTP header as expected, so I am not getting a second login prompt. That was not happening before Safari 6.

  • Dan Pouliot Level 1 (100 points)

    I have a FileMaker developer for my company and this bug is affecting all of my FileMaker users. Users are now being required to repeatedly authenticate for tasks that previously required no authentication (because it was stored in the computers' keychain).

  • Swoppy Level 1 (0 points)

    I am also having this problem. Extremely frustrating! Introduced with an upgrade to Mountain Lion. Will this ever be fixed?

  • terryb Level 1 (55 points)

    Installed Safari 6.0.4 today and the problem is *still* there. Works as expected in FF and Chrome. Does anyone know of a workaround that doesn't require moving the video to an unprotected directory?

     

    -Terry

  • Tobit Level 1 (15 points)

    Happy to see that it's not my code is not the cause of the problem.

     

    One possibility to escape to this bug under Safari, might be to generate a time-limited link, and this only if the user it is authenticated on the page. I'm using PHP, so I should be able to obtain a fix with "PHP_AUTH_USER" or similar.

     

    I'm not really expecting that Apple will correct it...

     

    CU.

  • Dan Pouliot Level 1 (100 points)

    Filemaker 12.05, Mavericks, this still exists! Has anyone heard any news on this, or are both companies silent on the matter?

  • jgosch Level 1 (0 points)

    i can confirm this bug on safari 6.1. also a lot of customer complaints, different versions. have to switch our web app's auth mechanism. I don't expect apple to fix this as it seems to exist since some years!!

  • chris catalano Level 2 (280 points)

    Has there been any update on this? I just begrudgingly updated to Lion from SL and am having this problem with all of our joomla sites. We have the admin directories for all of our client's joomla sites protected via htaccess. Now whenever I try to work in the admin section of one of these sites I am constantly asked for the htaccess login info as I perform various tasks in the back end. That makes Safari absolutely unusable.

     

    I've seen a few suggestions in this thread, but no one has confirmed that any of them work.

  • pansgeist Level 1 (0 points)

    Had the same problem with Safari asking me over again for authentication after login to my website.

    In my case the problem was caused by a jquery-plugin from the javascript folder (/js/flexslider.js).

    The wollowing steps made it working for me:

     

    First I added "satisfy all" and "options -Indexes" to the .htaccess in my "restricted_subdirectory":

     

    AuthType Basic

    AuthName "Restricted Area"

    AuthUserFile /home/mysite.com/restricted_subdirectory/.htpasswd

    AuthGroupFile /dev/null

    require valid-user

    satisfy all

     

    Options -Indexes


    Then I added a .htaccess file to every subdirectory ( /js /images /css - every folder that's related to the script) with only
    satisfy any

     

    I'm not sure this is a proper solution but that made it working for my simple needs. Maybe it works for some of you guys as well. . 

  • .tadija Level 1 (0 points)

    I have the same problem on Yosemite and Safari 8.0.

    Internal web application with HTTP authentication, keeps asking for password (which is saved in keychain) almost all the time...

    So frustrating.