Securing LDAP username and password in Websphere

Similar Messages

• Claims Based Authentication SPSecurityTokenService.Issue() failed: The security token username and password could not be validated.

  Please excuse the lousy table...Its late :-)
  I have a multi-server SP2010 farm.  Patched up to
  Configuration database version: 14.0.6106.5002
  My goal is to have a claims based web application that authenticated to ADAM for Extranet.  I have configured the servers exactly to MSDN and technet specs (following this spec to the
  letter (
  http://technet.microsoft.com/en-us/library/ee806882.aspx) to allow the forms side of the web app to authenticate to ADAM.
  IT WORKS IN DEV!!! , which is a single server farm.  However, it does not work in production.  I get the following:
  Claims Auth log entries:
  1:06:25 AM
  w3wp.exe (0x0EDC)                      
  0x1790
  SharePoint Foundation        
  Claims Authentication        
  f2ut
  Verbose
  Authenticated with login provider. Validating request security token.
  1:06:25 AM
  w3wp.exe (0x0EDC)                      
  0x1790
  SharePoint Foundation        
  Claims Authentication        
  0
  Verbose
  Using membership provider 'ADAMProvider'.
  1:06:25 AM
  w3wp.exe (0x0EDC)                      
  0x1790
  SharePoint Foundation        
  Claims Authentication        
  0
  Verbose
  Doing password check on '[email protected]'.
  1:06:46 AM
  w3wp.exe (0x0EDC)                      
  0x1790
  SharePoint Foundation        
  Claims Authentication        
  0
  Verbose
  Failed password check on '[email protected]'.
  1:06:46 AM
  w3wp.exe (0x0EDC)               
  0x1790
  SharePoint Foundation        
  Claims Authentication        
  0
  Unexpected
  Password check on '[email protected]' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security
  token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'.
  1:06:46 AM
  w3wp.exe (0x0EDC)                      
  0x1790
  SharePoint Foundation        
  Claims Authentication        
  fo1t
  Monitorable
  SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password
  could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
  1:06:46 AM
  w3wp.exe (0x1B34)                      
  0x08A0
  SharePoint Foundation        
  Claims Authentication        
  fsq7
  High   
  Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.    
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)    
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)  
    at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)    
  at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
  1:06:46 AM
  w3wp.exe (0x1B34)                      
  0x08A0
  SharePoint Foundation        
  Claims Authentication        
  8306
  Critical
  An exception occurred when trying to issue security token: The security token username and password could not be validated..
  1:06:46 AM
  w3wp.exe (0x1B34)                      
  0x08A0
  SharePoint Foundation        
  Claims Authentication        
  f2un
  Verbose
  Form authentication failed.
  I have tried EVERYTHING (well, nt everything, I don’t have the fix I suppose). 
   I found plenty out there and nothing directly correlates with this issue. 
  I searched on all parts of the errors I got.
  This contains an interesting blurb about setting up access for the apppool id correctly. 
  That’s not the case for me.  It works in dev and the same id are used there. 
  http://sharepoint-2010-world.blogspot.com/2011/03/adam-forms-based-authentication-in.html
  This was good but it doesn’t give specs on what the environment looks like:
  http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/557143a6-4b36-4939-bb7f-d62a9335fd18
  The was interesting…but I am patched up beyond the June 2011 CU so it’s a moot point:
  http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/9b8368ef-c5e5-4ead-b348-7b2b5587cfc8
  Any and all help would be greatly appreciated!

  Hi.
  You say its a multiserver farm, do you have more than one web server then?
  If thats the case, have you tried accessing the site on each server directly?
  Found this for you, maybe that can help?
  Troubleshooting Exceptions: System.ServiceModel.FaultException`1
  http://msdn.microsoft.com/en-us/library/bb907220.aspx
  and this:
  SharePoint 2010 Claims Authentication - The security token username and password could not be validated reoccurring every morning
  http://social.technet.microsoft.com/Forums/pl-PL/sharepoint2010setup/thread/383f1f9b-5c4a-4e19-b770-2a54b7ab1ca1
  and
  This seems to be a good guide:
  http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
  Good luck
  Thomas Balkeståhl - Technical Specialist - SharePoint - http://blksthl.wordpress.com

• An exception occurred when trying to issue security token: The security token username and password could not be validated..

  Hi all,
  I have create custom SQL membership provider into Sharepoint 2013.
  I have add provider setting in central admin ,Web app & STS config file.
  When using Web app Mixed mode authentication.I am able to fetch users & role.Its working fine.
  But when I am using
  SPClaimsUtility.AuthenticateFormsUser(Context.Request.UrlReferrer, txtUserName.Text.Trim(), txtPassword.Text.Trim()) == false)
  this function always return false .
  Please help me out what will be the cause.
  Is any ways to debug my code when we call "SPClaimsUtility.AuthenticateFormsUser"
  Regards
  Sachin

  Hi all,
  I have create custom SQL membership provider into Sharepoint 2013.
  I have add provider setting in central admin ,Web app & STS config file.
  When using Web app Mixed mode authentication.I am able to fetch users & role.Its working fine.
  But when I am using
  SPClaimsUtility.AuthenticateFormsUser(Context.Request.UrlReferrer, txtUserName.Text.Trim(), txtPassword.Text.Trim()) == false)
  this function always return false .
  Please help me out what will be the cause.
  Is any ways to debug my code when we call "SPClaimsUtility.AuthenticateFormsUser"
  Regards
  Sachin

• Web service username and password problems

  Hi,
  I am trying to create a client to consume webservices exposed on a secure .net platform that is SSL protected (https).
  I am using netbeans 6 with WSIT support. When I create the web service and add the WSDL file - it comes up with the certificate that I then approve, but then just displays a IO Exception. When I access the WSDL through a browser, it requests a username and password (which I supply) and it works fine.
  I've tried on Netbeans 5.5 but with no luck - it asks for a username and password (at least) but doesn't accept them.
  How can I connect to an https web service that requires a LDAP username and password?
  Thanks,
  Brendan

  I'm guessing that you are trying to call an EBS API and are using FND_WEB_SEC to test that the user account is valid in FND_USER first before executing the API call. In that instance, you'll likely need to use the Oracle Applications Adapter for EBS if you want to authenticate the user through FND_USER.
  If you've not purchased that adapter, you could use a simple BPEL process, with a regular database adapter to firstly call the FND_WEB_SEC package to authenticate. Pass the response from eBS into a bpel variable, add a bpel switch based on the outcome of that variable either execute the API call or  throw an authentication error if the call failed.
  You can wrap all this up into one web service that then calls this bpel process, taking the username and password as as input parameters.
  Phil

• Scripted LDAP Probe w/username and password

  I have a scripted LDAP rpobe currently in use. It uses the anonymous bind authentication to work and it works just fine. However they want to go to a username and password instead for security reasons. So I used the script that was previously supplied on this forum to create the HEX. See below:
  $username = "uid=XXXXXX,cn=support,dc=enterprise,dc=com";
  $password = "XXXXX";
  $len_username = length($username);
  $xlen_username = sprintf("%02x", $len_username); $len_password = length($password); $xlen_password = sprintf("%02x", $len_password);
  $username =~s/(.)/sprintf("%x",ord($1))/eg; $password =~s/(.)/sprintf("%x",ord($1))/eg;
  $temp = "020103" . "04" . $xlen_username . $username . "80" . $xlen_password . $password; $tlen = length($temp) / 2; $xtlen = sprintf("%02x",$tlen);
  $temp = "020101" . "60" . $xtlen . $temp;
  $tlen = length($temp) / 2;
  $xtlen = sprintf("%02x",$tlen);
  $temp = "30" . $xtlen . $temp;
  print $temp . "\n";
  I get this result in HEX, (last 6 characters are changed )
  303e0201016039020103042b7569643d214c4242494e442c636e3d737570706f72742c64633d656e74657270726973652c64633d636f6d800742316e64XXXXXX
  I added them to the Probe script here:
  ace_debug "sending ldap bind request"
  puts -nonewline $sock [ binary format "H*" NEW HEX STRING  ]
  flush $sock
  However this doesn't work, am I putting this new HEX string in the proper place or does everything look right?

  Robert-
    The string length maximum is 127 characters, you ended up with 128 somehow.  The string you send is specific to a few things, like the server type, how the array is created, etc.  You should check out this thread: https://supportforums.cisco.com/message/3613048#3613048 It has some decent information on it.
  Chris

• Calling A Secured webservice using Username and password in the Soap header

  I want to call a secured webservice.
  The Username and password should be sent with the payload in the SOAP Header
  as
  <wsse:Security S:mustunderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken wsu:Id="SecurityToken-XXXXXXXXXXXXXXXXXXXXXXXXX" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>uname</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  Can you please send me the steps?
  I tried with giving the username and password under Service Account.
  I tried to create a wspolicy under business service. But nothing works...
  Please help me at the earliest.
  Also please give me steps in sequence.

  Now i made sure that the endpoint is available!
  Now am getting this error:
  <soapenv:Fault>
  <faultcode>soapenv:Server</faultcode>
  <faultstring>BEA-380002: localhost1</faultstring>
  <detail>
  <con:fault xmlns:con="http://www.bea.com/wli/sb/context">
  <con:errorCode>BEA-380002</con:errorCode>
  <con:reason>localhost1</con:reason>
  <con:location>
  <con:node>RouteNode1</con:node>
  <con:path>request-pipeline</con:path>
  </con:location>
  </con:fault>
  </detail>
  </soapenv:Fault>
  Also in the invocation trace i can observe the following things:
  Under Invocation Trace:-
  ========================
       Receiving request =====> Initial Message context
       ===============================================
       under added header:-
       ==================
       <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
       </soap:Header>
       under RouteNode1
  ================
       Route to "TargetMyService_BS"
  $header (request):-
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  </soap:Header>
  Under Message Context changes:-
  *===============================*
  I can find this element also:-
  con:security>
  *<con:doOutboundWss>false</con:doOutboundWss>*
  *</con:security>*
  eventhough we enabled ws security, how the above tag can be false?
  I think its getting failed to populate the header with the required login credentials.
  The other doubt i have is:-
  =================
  I have chosen the service account type is static...is this right?

• Extracting username and password from security header

  Hey all,
  I'm writing a BPEL process that invokes two secured web services. One of them authenticates using Username Token and the other has a authenticate method in which the username and password are supplied as Strings. I have successfully propagated the credentials from the BPEL process to the web service using Username Token by doing the following:
  1) I secured my BPEL process
  2) I imported oasis-200401-wss-wssecurity-secext-1.0.xsd and from it created a variable of type Security
  3) I added the security variable to the Header Variables for the BPEL process input
  4) I added the security variable to the Input Header Variables for the web service's invoke operation
  This worked fine. However, I need to be able to extract out the username and password and supply them as Strings to the authenticate method of the other web service. How can this be done? If it can't, what are some alternatives?
  Environment:
  JDeveloper 11.1.1.6.0
  Thanks,
  Bill

  Hi Sri,
  If I understand your steps correctly, I think the problem I'm having rests with the second step. I don't know how to get a hold of the username and password to assign to the local variables you mention. The BPEL process itself uses Username Token for authentication. These credentials need to be passed to the web services invoked within the BPEL process. If I assign the security header variable directly to the string output for the BPEL process, the string returned will be the complete XML security header, which includes the username and password. However, the security header variable itself doesn't expose the username and password directly. In other words, I can't expand the security header variable node in the dialog for editing the Assign operation and get to the username and password. I think one solution is to parse out the username and password from the complete XML security header using string operations (substring, index-within-string, etc). Also, regarding step 4, I'm not sure if passing the credentials in the header will work for this web service. I think the web service is expecting the credentials as parameters to its authenticate method.
  Thanks,
  Bill

• Connecting printer to a secure wireless network which requires both username and password

  I have the hp photosmart 6510. I have it in my college dorm, which has a secure network with requires both a user name and password. I need help setting it up as I can't seem to get the printer to enter a username and password. I know the printer works and I know that my computer can print wirelessly with the printer. My college game me this setup configuration.
  Configuration Item Preferred Value Optional Value (less preferred)
  Network Name of SSID umd-secure  
  802.1x Operating Mode
  (note: 802.11b is no longer supported) Infrastructure or Network (not ad hoc)  
  Security Mode Enterprise (not Personal)  
  Network Authentication WPA2 WPA-less prefered
   Data Encryption CCMP or AES (TKIP-less prefered)
  Roaming Identity or Outer Identity anonymous  
  Authentication Type or Outer Authentication TTLS (PEAP-Less prefered)
  Authentication Protocol or Inner Authentication PAP (MS-CHAPv2-less prefered)
  Validate Server Certificate or Verify Server Name Yes  
  Certificate Issuer or Trusted Root CA Thawte Premium Server CA  (Any Trusted CA -less prefered)
  Server Name or Certificate Name wireless.umd.edu  
  Server Name must match Yes  

  Hi @hatyai ,
  Thank you for visiting our English HP Support Forum. We are only able to reply to posts written in English. To insure a quick response it would be advisable to post your question in English. The following links are here to assist you if you prefer to post in the following Language Forum.
  English: http://h30434.www3.hp.com
  Spanish: http://h30467.www3.hp.com
  French: http://h30478.www3.hp.com
  Portuguese: http://h30487.www3.hp.com
  German: http://h30492.www3.hp.com
  Korean: http://h30491.www3.hp.com/t5/community/communitypage
  Simplified Chinese: http://h30471.www3.hp.com/t5/community/communitypage
  Thank you for your understanding
  I work for HP. However I speak only for myself, not for HP nor anyone else

• How do I add a SITE, USERNAME, and PASSWORD to the list in - Tools/Options/Security/Saved Passwords ?

  How do I force Firefox to remember and use my username and password for a site ?

  #Tools -> Options -> Security - tick "remember passwords"
  #Log in to a website
  You should be asked to save the user name and password upon login.

• Windows Security asking for username and password to access college intranet.

  I'm trying to access my college intranet form home and I get a dialog box called "windows security". It asks for a username and password. I've never set up a username or password. I've been onto internet setting>security and enabled "automatic
  logon with current username and password", this did not work. Please help, I really need to get onto the site!

  trying to access my college intranet form home
  Contact your college network support.  The syntax for specifying your authentication may be different than you usually use when you are just connecting there locally.
  Robert Aldwinckle

• Security issue: parameters username and password in the jbo:ApplicationModule

  Hello,
  in the <jbo:ApplicationModule> tag, you can give parameters for username and password, Then the .jsp connects to the DB via the username/password. Alternativly, You can provide this within the <Module>.properties file.
  Now the question: Isn't this a security hole? I mean, is it under all circumstances impossible, that the source-code can be delivered by the web-server or that the byte-code from the servlet (compiled from .jsp) can be "restringed"?
  Are there other ways to protect the credentials for accessing the ORACLE DB?
  Michael

  Hi John
  thank You very much. You wrote
  BC4J provides a number of mechanisms for specifying the DB username and password that do not require
  the password to be stored in a JSP page. By default, in 9.0.2, the DB password is stored in
  a BC4J configuration (persisted in a bc4j.xcfg file), which should be secured at the customer site. I've forgotten to mention our environment is SuSE7.2, DB 8.1.7.3, iAS 1.0.2.2, Portal 3.0.9.8.
  For simplicity we would like to use the first method via bc4j.xcfg, But our bc4j.xcfg looks as follows
  <quote>
  <BC4JConfig>
  <AppModuleConfigBag>
  <AppModuleConfig name="OPKv1ModuleLocal">
  <ApplicationName>de.condor.OPKv1.OPKv1Module</ApplicationName>
  <DeployPlatform>LOCAL</DeployPlatform>
  <JDBCName>WEBAPP_NETx</JDBCName>
  <jbo.project>de.condor.OPKv1.opkv1PRJ</jbo.project>
  </AppModuleConfig>
  </AppModuleConfigBag>
  </BC4JConfig>
  </quote>
  So the question is, where to leave schema/password?JDeveloper should have also generated a connection description in the same file named WEBAPP_NET. This
  named connection should contain the relevant elements. It is not recommended that you edit this file directly. The
  configuration editor and/or the connection editor should be used instead.
  Hope this helps.
  JR

• Webdynpro application taking MDM username and password from LDAP

  Hi All,
  I am working on EP-MDM integration.
  EP-LDAP , MDM-LDAP and EP-MDM have been integrated.
  The requirement is :
  When we run a webdynpro application from EP , it should take the user id and password of EP user who is currently logged in.(which is actually LDAP user and also exists for MDM) without hard coding it.
  The application will work according to the roles guaranteed to the user in MDM for eg: the user will be able to write into MDM only if he has read/write permissions in MDM.
  Please tell how the application will fetch the username and password from the EP details.
  Regards
  Shilpa

  Hi,
  You need to set a trusted connection between the EP and MDM System.
  And use the trusted connection JAVA API in the Web Dynpro to make a connection to MDM Repository. Trusted connection JAVA API will ask you only the username and not the password.
  Regards,
  Amol

• WSN 1.2 NI 9792 Security: Initial Setup? Default Username and Password?

  Hello,
  With NI WSN 1.1, using a 9792, I can click the Set Permissions button and if none had been set it would simply ask me for a new administrator password.  Now, with NI WSN 1.2, when I click on the Set Permissions button it takes me to the 9792's web interface and says "Either no one is logged in or you do not have permissions to view/edit users, groups, and permissions."  When I click the Login button, a box pops up and asks me for both a username and password.  I scoured the release notes, help files, and the internet and it seems there is NO documentation on how to setup the very first username/password combination nor does it state what default username/password combination there might be.  I also tried a brand new 9792 straight out of the box and loaded 1.2 on it and it has the same issue.  Is there something obvious that I'm missing?  How does someone initially set up security on the 9792?
  Solved!
  Go to Solution.

  Hello Garrett,
  Thanks for your post! 
  It looks like you are needing information on how to find out the log in information of your 9792. When using NI-WSN 1.1 we allowed users to set the initial password and this is still the case for the 9791. The 9792 is a NI-WSN node gateway as well as a LabVIEW Real Time target. Its default log in information can either be found in a Knowledge Base (KB) the LabVIEW help or MAX help. Are you using LabVIEW 2009 SP1 or LabVIEW 2010?
  The default user name and password is the following:
  username: admin
  password: <blank>
  KB
  Default Username and Password to Log into a Real-Time Controller
  http://digital.ni.com/public.nsf/allkb/14D8257A7724BE85862577F90071B73F
  LabVIEW Help
  Start >> All Programs >> National Instruments >> LabVIEW xx >> LabVIEW help
  then go to .. Fundamentasl >> Working with Prjects and Targets >> How-To >> Monitoring and Configuring a Remote Device from a Web Browser
  MAX Help
  Open MAX >> Help >> MAX Help (can also press F1 in MAX if open)
  then go to .. MAX Remote Systems Help >> LabVIEW Real-Time Target Configuration >> Device Configuration >> Logging into your System 
  The LabVIEW help link above is called out in the 9792 getting started guide under Related Documentation that directs you to the LabVIEW help.
  NI Wireless Sensor Network Getting Started Guide
  http://www.ni.com/pdf/manuals/372781c.pdf
  Is this the information that you were looking for? Please indicate if there is anything else we can do. 
  Cheers
  Corby 
  WSN R & D PSE

• New Imac. I get rid off login password from security and account and restart. Now it asks for username and password and it's not acepting anything. Any ideas?

  New Imac. I get rid off login password from security and accounts and restart. Now it asks for username and password and it's not acepting anything. Any ideas?

  First, reset your password as follows.
  Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
  When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar.
  In the Terminal window, type this:
  resetpassword
  That's one word with no spaces. Then press return. A Reset Password window opens.
  Select your boot volume if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Follow the prompts to reset the password. It's safest to choose a password that includes only the characters a-z, A-Z, and 0-9.
  Select  ▹ Restart from the menu bar.
  You should now be able to log in with the new password, but you won't be able to unlock the Keychain. If you've forgotten the Keychain password (which is ordinarily the same as your login password), there's no way to recover it. You’ll need to reset your keychain in the preferences of the Keychain Access application.
  If you're being prompted to authenticate when making changes to files inside your home folder, continue as follows.
  Back up all data now.
  This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you've set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. If none of this is meaningful to you, you don't need to worry about it.
  Step 1
  Launch the Terminal application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
  Drag or copy — do not type — the following line into the Terminal window, then press return:
  sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -R $UID:20 ~ $_ ; chmod -R -N ~ $_ 2> /dev/null
  Be sure to select the whole line by triple-clicking anywhere in it. You'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning not to screw up. You don't need to post the warning. If you don’t have a login password, you’ll need to set one before you can run the command.
  The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.
  Step 2
  Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
  When the OS X Utilities screen appears, select Utilities ▹ Terminal from the menu bar. A text window opens.
  In the Terminal window, type this:
  resetpassword
  That's one word with no spaces. Then press return. A Reset Password window opens. You’re not going to reset a password.
  Select your boot volume if not already selected.
  Select your username from the menu labeled Select the user account if not already selected.
  Under Reset Home Directory Permissions and ACLs, click the Reset button.
  Select  ▹ Restart from the menu bar.

• Hello How do I set up Firefox 8.0 so that It will Ask me if I want to save a Password for a website. At present I don't get an option every time I go into a website that I know is secure I have to enter username and password. I have been though tools etc.

  Hello How do I set up Firefox 8.0 so that It will Ask me if I want to save a Password for a website. At present I don't get an option every time I go into a website that I know is secure I have to enter username and password. I have been though tools etc.
  Thank you any help would be help full as every time I log into Face Book for example I have to provide all the Information and this is a pain
  Cheers Alex

  The website may be using autocomplete=off to prevent Firefox from saving the name and password.
  You can remove autocomplete=off with a bookmarklet to make Firefox save the name and password.
  *http://kb.mozillazine.org/User_name_and_password_not_remembered
  *Saved Password Editor: https://addons.mozilla.org/firefox/addon/saved-password-editor/