Can not sign in to Weave whilst Keychain Services Integration 1.0a7 is enabled

[GoogleCodeExporter]

Firefox 3.5.2, Mac OS X
Weave 0.5
Keychain Services Integration 1.0a7

1. aim to sign in to Weave

2. in the 'Sign in to Weave' dialogue, complete the three fields

3. click Sign In

= Bug =

The Sign In button appears to be ineffective whilst Keychain Services 
Integration 1.0a7 is 
enabled. 

Help button is effective, but the resulting window does not appear until after 
the Cancel button is 
clicked. 

Cancel button is effective. 

Original issue reported on code.google.com by grahampe...@gmail.com on 5 Aug 2009 at 11:48

[GoogleCodeExporter]

Re the two options, 

[ ] Save password on this computer
[ ] Automatically connect each time I start Firefox

checking/unchecking seems to make no difference. 

Original comment by grahampe...@gmail.com on 5 Aug 2009 at 11:49

[GoogleCodeExporter]

If I omit both password and passphrase, the Sign In button is followed (as 
expected) by a prompt to enter a 
password. 

If I omit the passphrase alone, the Sign In button is followed by a prompt to 
enter a phrase. 

If I omit the password alone, the Sign In button is followed by a prompt to 
enter a password. 

Original comment by grahampe...@gmail.com on 5 Aug 2009 at 11:51

[GoogleCodeExporter]

I disabled the extension for this same reason.

I remember checking the Error Console, and there was an exception about 
"malformed
URL", "invalid URL" or something similar. Sorry for being so vague, but I can't
restart the browser to enable the extension and read it again right now.

Weave's passwords appear on the Password Manager as "chrome://weave (Mozilla 
Services
Password)" and "chrome://weave (Mozilla Services Encryption Password)". Hope 
that
helps, as I'm not sure if this is an issue with this extension, Weave, or even
Keychain refusing URIs with unknown schemes.

For the record, this is not the only extension I know which uses the chrome: 
scheme.
I also have a "chrome://twitternotifier" entry here, and I'm pretty sure I've 
already
seen at least one other extension doing it before.

Original comment by mernen on 6 Aug 2009 at 6:37

[GoogleCodeExporter]

FWIW I prefer to disable Weave. 

http://www.brighton.ac.uk/centrim/Members/gjp4/2009/08/06 highlights some 
related questions 
concerning Weave and the traditional Mozilla approach to saved passwords. 

(I should encourage discussion away from this issue tracker.)

My gut feeling is that the conclusion to this issue will be 
wontfix
… in other words, Weave should take a more integrated approach.

Original comment by grahampe...@gmail.com on 6 Aug 2009 at 8:51

[GoogleCodeExporter]

Cross-posted to https://bugzilla.mozilla.org/show_bug.cgi?id=509007

Original comment by grahampe...@gmail.com on 7 Aug 2009 at 11:11

[GoogleCodeExporter]

Re 
http://groups.google.com/group/mozilla-labs-weave/browse_frm/thread/e4f7ec3d0744
44cc 
I tried Weave 0.6pre1, no improvement. 

> I remember checking the Error Console, and there was an exception

When I click the Sign In button, the messages area of Error Console reports: 

Invalid chrome URI: /

The Activity Log of Weave presents no information coinciding with my click on 
the button. 

Original comment by grahampe...@gmail.com on 7 Aug 2009 at 11:19

[GoogleCodeExporter]

The bug in Mozilla is invalidated.

Original comment by grahampe...@gmail.com on 11 Aug 2009 at 4:44

[GoogleCodeExporter]

I guess this won't be "fixed" in Weave.  I really look forward to see this 
fixed in
Keychain Services!

Original comment by henrik.a...@gmail.com on 18 Aug 2009 at 10:41

[GoogleCodeExporter]

> fixed in Keychain Services!

If a change is desired to Keychain Services, the suggestion should be made to 
Apple. 

Original comment by grahampe...@gmail.com on 19 Aug 2009 at 8:24

[GoogleCodeExporter]

Sorry about the confusion, I was referring to your extension "Keychain Services
Integration".

Original comment by henrik.a...@gmail.com on 19 Aug 2009 at 8:33

[GoogleCodeExporter]

Not my extension, it's the developer's :-) and thanks for clarifying. 

In any case, it's useful to think about what's possible within Apple's API for 
Keychain Services. Apple guides 
readers to http://www.opengroup.org/security/cdsa.htm

Original comment by grahampe...@gmail.com on 19 Aug 2009 at 12:20

[GoogleCodeExporter]

Not sure what the fix would be here but the only thing I can think of is to 
store it in the Keychain as an 
application password instead of an internet password. Internet password entries 
all have to have a protocol 
defined in a list of constants by Apple... I'm guessing chrome:// isn't in 
there...

I haven't implemented an interface for application passwords but it wouldn't be 
too hard to do...

Original comment by jfitz...@gmail.com on 28 Aug 2009 at 8:47

• Changed state: Accepted

[GoogleCodeExporter]

Now using Weave 0.6, the symptoms are different: 

> !
> [JavaScript Application]
> Couldn't sign in: null
> [[OK]]

@  jfitzell

Would you like me to continue in this report? Or shall we close this one and 
begin anew for 0.6?

Original comment by grahampe...@gmail.com on 28 Aug 2009 at 1:34

[GoogleCodeExporter]

As you prefer... I guess it still has a similar cause...?

Original comment by jfitz...@gmail.com on 28 Aug 2009 at 5:49

• Added labels: Priority-Low
• Removed labels: Priority-Medium

[GoogleCodeExporter]

I spun it off to issue 7. May be a separate issue. 

Original comment by grahampe...@gmail.com on 28 Aug 2009 at 6:21

[GoogleCodeExporter]

Apparently resolved in/around Weave 0.7pre2

http://www.wuala.com/grahamperrin/public/2009/09/12/a.png

Original comment by grahampe...@gmail.com on 12 Sep 2009 at 6:26

[GoogleCodeExporter]

excellent news...

Original comment by jfitz...@gmail.com on 12 Sep 2009 at 8:21

• Changed state: WontFix