Bug 128006

Summary: Coalesce authentication credential requests
Product: WebKit Reporter: Daniel Bates <dbates>
Component: Page LoadingAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, barraclough, beidson, cdumez, commit-queue, darin, dbates, ddkilzer, mjs, webkit-bug-importer
Priority: P1 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch none

Daniel Bates
Reported 2014-01-31 12:01:43 PST
We should look to coalesce authentication credential requests such that we ask the client to display the minimum number of authentication dialogs needed to access the requested resources. One example of how this issue manifests itself is in the WebKit Bot Watcher's Dashboard with a Buildbot that requires HTTP authentication. At the time of writing, the WebKit Bot Watcher's Dashboard is coded such that each queue makes an independent XML HTTP request to its associated Buildbot for content. Assuming there are at least two queues associated with a Buildbot that requires HTTP authentication and looking only at requests sent by the queues, there may be at most two XML HTTP requests that are made and hence Safari will prompt for credentials twice.
Attachments
Patch (12.55 KB, patch)
2015-07-31 15:07 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (12.77 KB, patch)
2015-07-31 16:14 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (2.45 KB, patch)
2015-08-08 20:19 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2014-01-31 14:37:59 PST
This is usually not an issue because main resource tends to be authenticated, and subsequent loads don't start until it loads. But it can get really annoying for something like the dashboard. Also, reopening windows after browser restart can result in multiple requests for the same credentials, if you had the same site open in multiple windows.
David Kilzer (:ddkilzer)
Comment 2 2014-02-07 10:55:11 PST
(In reply to comment #1) > This is usually not an issue because main resource tends to be authenticated, and subsequent loads don't start until it loads. > > But it can get really annoying for something like the dashboard. Also, reopening windows after browser restart can result in multiple requests for the same credentials, if you had the same site open in multiple windows. This behavior drives me crazy every time I restart Safari.
Radar WebKit Bug Importer
Comment 3 2014-05-07 07:57:43 PDT
<rdar://problem/16839069>
Chris Dumez
Comment 4 2015-07-31 15:02:53 PDT
*** Bug 147496 has been marked as a duplicate of this bug. ***
Chris Dumez
Comment 5 2015-07-31 15:07:31 PDT
Created attachment 257965 [details] Patch
Alexey Proskuryakov
Comment 6 2015-07-31 16:04:29 PDT
Comment on attachment 257965 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=257965&action=review > Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:58 > + // Do not coalesce server trust evaluation requests. This comment either needs to explain why, or to be dropped. > Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:73 > +uint64_t AuthenticationManager::addChallengeToHashMap(const WebCore::AuthenticationChallenge& authenticationChallenge) I'd say addChallengeToChallengeMap. Not a great name, but spelling out the data type in "addChallengeToHashMap" seems even less useful. > Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:95 > +Vector<uint64_t> AuthenticationManager::coalesceChallenges(uint64_t challengeID) const This took me awhile to understand - why does a "coalesce" function take a single challenge, what can it coalesce it with? How would you feel about one of these ideas: - coalesceChallengesMatching(uint64_t challengeID) - or coalesceChallenges(const ProtectionSpace&)
Chris Dumez
Comment 7 2015-07-31 16:09:24 PDT
Comment on attachment 257965 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=257965&action=review >> Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:58 >> + // Do not coalesce server trust evaluation requests. > > This comment either needs to explain why, or to be dropped. Proposing: "Do not coalesce server trust evaluation requests because ProtectionSpace comparison does not evaluate server trust (e.g. certificate)." >> Source/WebKit2/Shared/Authentication/AuthenticationManager.cpp:95 >> +Vector<uint64_t> AuthenticationManager::coalesceChallenges(uint64_t challengeID) const > > This took me awhile to understand - why does a "coalesce" function take a single challenge, what can it coalesce it with? > > How would you feel about one of these ideas: > - coalesceChallengesMatching(uint64_t challengeID) > - or coalesceChallenges(const ProtectionSpace&) I'd prefer the first one. The second one is clear but a bit annoying because we then have to move the HashMap lookup to every call site.
Chris Dumez
Comment 8 2015-07-31 16:14:20 PDT
Created attachment 257977 [details] Patch
Chris Dumez
Comment 9 2015-07-31 16:56:05 PDT
Comment on attachment 257977 [details] Patch Clearing flags on attachment: 257977 Committed r187691: <http://trac.webkit.org/changeset/187691>
Chris Dumez
Comment 10 2015-07-31 16:56:10 PDT
All reviewed patches have been landed. Closing bug.
Chris Dumez
Comment 11 2015-08-08 20:19:03 PDT
Reopening to attach new patch.
Chris Dumez
Comment 12 2015-08-08 20:19:07 PDT
Created attachment 258586 [details] Patch
Chris Dumez
Comment 13 2015-08-08 20:22:00 PDT
Uploaded a follow-up patch to fix post-mortem review comments from Darin on Bug 147496.
WebKit Commit Bot
Comment 14 2015-08-09 15:20:54 PDT
Comment on attachment 258586 [details] Patch Clearing flags on attachment: 258586 Committed r188198: <http://trac.webkit.org/changeset/188198>
WebKit Commit Bot
Comment 15 2015-08-09 15:21:00 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.