Avatar for Username

ძიება მხარდაჭერაში

ნუ გაებმებით თაღლითების მახეში მხარდაჭერის საიტზე. აქ არასდროს მოგთხოვენ სატელეფონო ნომერზე დარეკვას, შეტყობინების გამოგზავნას ან პირადი მონაცემების გაზიარებას. გთხოვთ, გვაცნობოთ რამე საეჭვოს შემჩნევისას „დარღვევაზე მოხსენების“ მეშვეობით.

Learn More

ეს თემა დაარქივებულია. დასვით ახალი კითხვა, თუ დახმარება გესაჭიროებათ.

PKCS#11 authentication fails with sec_error_token_not_logged_in

  • 5 პასუხი
  • 3 მომხმარებელი წააწყდა მსგავს სიძნელეს
  • 40 ნახვა
  • ბოლოს გამოეხმაურა jscher2000 - Support Volunteer

evanward1
evanward1
more options

I am using a smart card (CAC) to login to a website. Logging out of the website and trying to log back in causes firefox to show the sec_error_token_not_logged_in error instead of asking for my pin.

Steps to reproduce:

1. Use smart card to login to a PKCS#11 secured website. e.g. http://www.sldcada.disa.mil/ Firefox will correctly ask for the smart card pin and authenticate. 2. logout and remove smart card 3. insert smart card and attempt to login again. Firefox will display the above error.

Expected Behavior:

At step 3 firefox will ask for my smart card pin to unlock the token and then authenticate with the website.

Workaround:

2.5 Edit > Preferences > Advanced > Encryption > View Certificates. Enter pin when prompted. Close the preferences windows. Step 3 will now work as expected because the smart card has been unlocked.

I am using a smart card (CAC) to login to a website. Logging out of the website and trying to log back in causes firefox to show the sec_error_token_not_logged_in error instead of asking for my pin. Steps to reproduce: 1. Use smart card to login to a PKCS#11 secured website. e.g. http://www.sldcada.disa.mil/ Firefox will correctly ask for the smart card pin and authenticate. 2. logout and remove smart card 3. insert smart card and attempt to login again. Firefox will display the above error. Expected Behavior: At step 3 firefox will ask for my smart card pin to unlock the token and then authenticate with the website. Workaround: 2.5 Edit > Preferences > Advanced > Encryption > View Certificates. Enter pin when prompted. Close the preferences windows. Step 3 will now work as expected because the smart card has been unlocked.

ყველა პასუხი (5)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Can you determine whether this is site-specific? For example, if at step 3, you were to visit another site that requires the CAC, will Firefox still fail to ask for a PIN?

Regarding the same site problem, does it make any difference if, at step 3, you:

(1) reload the page bypassing the cache (Ctrl+Shift+r)?

(2) remove the site's cookies and then reload the page?

You can selectively remove a single site's cookies this way: While viewing a page on the site:

  • right-click and choose View Page Info > Security > "View Cookies"
  • Alt+t (open the classic Tools menu) > Page Info > Security > "View Cookies"
cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You can also try to clear the Active Logins via Clear Recent History to see if that helps.
I don't know if those logins apply to this situation with using a card reader.

LiamH
LiamH
more options

I had this problem and I did two things: first, I unblocked the site in NoScript, and second, I reset the recent history. After that it worked without problem.

evanward1
evanward1 კითხვის დამსმელი
more options

Thanks for all the replies. The problem is not site specific. Clearing the active logins is another workaround. Perhaps the issue is that active logins are not reset when the smart card is remove and reinserted. Is there a bug tracker where I can report this?

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 10 Contributor
more options

Hi evanward1, you can file a bug here: https://bugzilla.mozilla.org/