Filter WebDAV requests - possible conflict with webdav using windows explorer ? #57
Comments
|
http://dark9t.github.io/blog/2014/06/02/why-digest-authentication-fails-in-windows-7-mini-redirector/ might have put me on a possible workaround, ie select "save credentials" might force the web client to send the authorization headers on each request, avoiding the user_cas redirection to |
|
Hi @landryb, yes, that workaround seems reasonable. The problem is, that unauthorized WebDAV requests look like normal HTTP-requests to the server, and therefore are beeing redirected to the CAS-server, if you have "force authentication" enabled in user_cas. Regards, |
|
Well yes, force authentication is enabled. I dunno how to properly devise a workaround that would work 100% of the times. Maybe ignore the request in user_cas if the verb is OPTIONS ? Since the webui also does PROPFIND and works as a webdav client, that might disturb regular behaviours.. Matching the UA feels overly gross.. but that's what seems done in https://github.com/nextcloud/server/blob/master/.htaccess#L43 (which only works in apache, trying to translate that to nginx config lead me nowhere for now..) |
|
@landryb I’m thinking about building a filter for that. Thanks for the feedback! |
felixrupp
changed the title
|
@felixrupp i dont see the commit which built a filter for this issue, can you tell me what the fix is ? |
|
@landryb You’re absolutely right, has been closed by accident. Reopening … |
|
/cib |
|
Fixed in version 1.9. Please review the function and close the ticket afterwards. Thanks! |
|
i've done the same testing as done in #94 from windows explorer, trying the various options offered by 'connect network shares'. (eg with user_cas 1.8.6 (and nextcloud 18) connecting to https://nextcloud_server/remote.php/webdav triggers two login prompts (first login fails?) before showing the webdav share as a connected drive. with user_cas 1.9.0, only one login prompt is necessary for the webdav share to be connected and shown, so it's clearly an improvement. thanks ! |
Using user_cas 1.6.1 & nginx to serve nextcloud, webdav works fine in most clients (ie winscp, gvfs/gio on linux, cadaver in a cli..) but with windows explorer (the damn thing most ppl would use..) it fails to login, as (apparently) the client does an
OPTIONS /(even if given the full https://fqdn/remote.php/webdav/ URL) which is then redirected to/login(because of https://github.com/felixrupp/user_cas/blob/master/appinfo/app.php#L38 ?), which is redirected to/apps/user_cas/login, and at that point windows explorer bails out on WebDAV.Is it a known & reproducible issue ?
Is there something that could be done in the
user_cascode to specialcase this, or document what to configure as redirections so that this case is properly working ?The text was updated successfully, but these errors were encountered: