Lion PAC proxy asking for authentication reapeatedly

The prompt appears because you are configured to use a proxy that requires authentication yet you have not configured your system with the proper credentials for said proxy.

Just as you have to enter your credentials in Safari, all other processes that generate network traffic through your proxy must also have these same credentials. The prompt is generated by AuthBrokerAgent, and it is attempting to do just that.

So, you can:

1) when entering credentials in Safari, check the box to save them to your keychain

2) enter your credentials in the prompt

3) enter your credentials in System Preferences -> Network -> Advanced -> Proxies

While Xiao's solution will work to stop the dialog, unfortunately all background processes that must use the proxy or any other App that does not handle proxy authentication will either not work, or worse, silently fail.

As stated, this will definitely work. The only problem is "sometimes it still pops up frequently" means that you have background processes or applications that cannot authenticate with the proxy--they will not be able to transmit network traffic and it will cause them to fail.

I have been having exactly the same problem and it has been infuriating.

Run this and it will fix it. I have tried it on multiple machines and it is now working a dream. This was the last piece of the 10.7 SOE and can now roll it out.

sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.UserNotificationCenter.plist

Error unloading: com.apple.UserNotificationCenter

thats what i get when i try your method nicoisconfusion confusion like your nick

Do not use the suggestion to unload the notification center. That does not fix the problem.

This post provides the correct solution.

Usually a proxy authentication dialog allows the user the option to 'allow once' or 'always' etc, and to save the proxy login details to the user's login keychain.

But under both 10.8 and in particular 10.9 whenever a proxy is in use, the user gets bombarded with multiple recurrent proxy authentication dialogs without any save options and without any identifier.

Using the terminal command nettop, I discovered that the offending dialogs come from system processes, most notably syncdefaultsd. (How to do this at the end of the post)

The problem is that syncdefaultsd is not keychain aware. It needs access to the user's proxy settings at regular intervals, but can't get them from the user's login keychain. It's proxy request dialog does not have the option to save the details to the user's keychain, and worse still does not identify syncdefaultsd as the requesting process. Even if you open your login keychain to allow any application access to your proxy, syncdefaultsd will still keep asking for your proxy details.

The solution is to ensure that you have working proxy settings saved in the *system* keychain, not just your personal login keychain.

So when you next get one of these dialogs:

1. Note the server name that is requesting authentication, the port (usually 8080) and if it is an http or https request. Typically it will be something in the form https://someproxyserver.someorganization.com:8080

2. See if you already have an entry for that server in your login keychain. If not, make one manually, (being sure to enter the whole thing as per the example above with the :8080 at the end). Typically that there needs to be two separate keychain entries per proxy server, one for http and a second for https, though syncdefaultsd only uses https.

3. Once you have login keychain entries for the proxy server, double-click them and ensure that under Access all applications are allowed, and that your user name is saved.

4. Now for the fun bit. Option-drag and drop these entries into your system keychain. Click on the system keychain, and confirm that they are there, and that all the settings are exactly right.

For good measure, do a shift-restart then a normal restart.

You should now get no more annoying dialogs for that particular proxy server. If your proxy server has more than one alias, or if you have several, then whenever you get a new unidentified dialog, repeat the above.

I discovered it using the terminal command nettop, typing into the terminal:

nettop -m tcp

This lists all active network processes. If you quit all apps you should still see quite a few network processes. If you see syncdefaultsd, wait for it to go away, or kill it via the Activity Monitor. If you haven't done the fix as above, and you open Safari, you'll see syncdefaultsd open shortly after Safari, and the annoying dialog immediately appears. After the fix is implemented, the dialogs don't appear when syncdefaultsd tries to start up.

Hope this helps someone, and that Apple fixes it in 10.9.1

Cheers

Chris.

What a timely response. I've been trying to solve this problem for months and earlier visits to google never gave me the right answer. This seems to be working. Thank you!

Hello Chris.

Wonderful instructions, they helped me on an iMac with OS X 10.8 (I believe to remember, not sure).

Now, I'm facing the problem that Google Chrome doesn't care about the changes I made: every time I reboot the system, I have to authenticate on the proxy. Which is not happening anymore on Safari...

Any help on this?

Kind regards,

Flavio.

@FlabioB: I don't use Chrome so I can't help much with your specific issue. If Chrome is reconfigured to use system proxy settings and to store passwords in the keychain, that may solve the issue (ie make it work like Safari). If not, run nettop as suggested, and watch closely for the names of the processes that appear in nettop when the dialog appears after launching Chrome. This will help identify the source of the dialog. From that you may be able to use the technique above to solve the problem. Note that nettop is only needed for dialogs that do not identify the name of the process requesting access to the proxy; if your Chrome dialog says which process is asking for the proxy password, then find a way of saving the password in Chrome or in your keychain.

That's all I can suggest, sorry if it isn't enough to help.

Chris.

Please remember to notify Apple of this issue https://bugreport.apple.com/

Chris.

Hey chris,

For a safer side, can u make a video for this???

Thanks in Advance

Regards,

Akshay

I have CS6 on a mac that I can not put in credentials. All credentials at my company are user creds with expiring passwords. This mac is setup for automation only, so I removed these 3 plugins (placed into a plugins-disabled folder) and the prompts on startup stopped:

- CSXS.InDesignPlugin

- Editor Helper UI.InDesignPlugin

- Help.InDesignPlugin

Chris you are the best. I have literally been kept up for nights trying to solve this problem. So huzzahs to you. Huzzah!

Nikki

The solution to resolve the proxy issue gives quite a few details, however I'm not quite understanding how to create the proxy settings and save them in the "system keychain." Is there a specific tool or utility that's used so that I can create the settings that I'd like to configure in reference to my proxy? Or is this done through creating a cert for the keychain?

Thanks in advance.