-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Filter WebDAV requests - possible conflict with webdav using windows explorer ? #57
Comments
http://dark9t.github.io/blog/2014/06/02/why-digest-authentication-fails-in-windows-7-mini-redirector/ might have put me on a possible workaround, ie select "save credentials" might force the web client to send the authorization headers on each request, avoiding the user_cas redirection to |
Hi @landryb, yes, that workaround seems reasonable. The problem is, that unauthorized WebDAV requests look like normal HTTP-requests to the server, and therefore are beeing redirected to the CAS-server, if you have "force authentication" enabled in user_cas. Regards, |
Well yes, force authentication is enabled. I dunno how to properly devise a workaround that would work 100% of the times. Maybe ignore the request in user_cas if the verb is OPTIONS ? Since the webui also does PROPFIND and works as a webdav client, that might disturb regular behaviours.. Matching the UA feels overly gross.. but that's what seems done in https://github.com/nextcloud/server/blob/master/.htaccess#L43 (which only works in apache, trying to translate that to nginx config lead me nowhere for now..) |
@landryb I’m thinking about building a filter for that. Thanks for the feedback! |
@felixrupp i dont see the commit which built a filter for this issue, can you tell me what the fix is ? |
@landryb You’re absolutely right, has been closed by accident. Reopening … |
/cib |
Fixed in version 1.9. Please review the function and close the ticket afterwards. Thanks! |
i've done the same testing as done in #94 from windows explorer, trying the various options offered by 'connect network shares'. (eg with user_cas 1.8.6 (and nextcloud 18) connecting to https://nextcloud_server/remote.php/webdav triggers two login prompts (first login fails?) before showing the webdav share as a connected drive. with user_cas 1.9.0, only one login prompt is necessary for the webdav share to be connected and shown, so it's clearly an improvement. thanks ! |
Using user_cas 1.6.1 & nginx to serve nextcloud, webdav works fine in most clients (ie winscp, gvfs/gio on linux, cadaver in a cli..) but with windows explorer (the damn thing most ppl would use..) it fails to login, as (apparently) the client does an
OPTIONS /
(even if given the full https://fqdn/remote.php/webdav/ URL) which is then redirected to/login
(because of https://github.com/felixrupp/user_cas/blob/master/appinfo/app.php#L38 ?), which is redirected to/apps/user_cas/login
, and at that point windows explorer bails out on WebDAV.Is it a known & reproducible issue ?
Is there something that could be done in the
user_cas
code to specialcase this, or document what to configure as redirections so that this case is properly working ?The text was updated successfully, but these errors were encountered: