Server to server sharing / webdav auth inconsistency #12585
Comments
|
Considering that having a non-configured CC @jnfrmarks |
|
We have an inconsistency if this works for 6 and 8 but not 7. I'm thinking that this should not work for any version if .htaccess is not configured. |
|
Or the alternative, make it always work regardless of |
|
@PVince81 maybe this one is related, i just was about to open a new ticket for it to investigate: I have a shared folder from an OC 8 (yesterdays build) to an OC 7.0.2 instance (web hosted). I can connect those folders and browse it from the OC7 instance, but if i want to download or open a file, i get an error. Here´s the Trace: {"reqId":"6d759195bb3a5079982829f70ef9eff0","remoteAddr":"2001:4ba0:xxxx:139::250:xxxx","app":"webdav","message":"Exception: {"Message":"","Code":0,"Trace":"#0 \/var\/www\/owncloud\/3rdparty\/sabre\/dav\/lib\/Sabre\/DAV\/Server.php(530): OC_Connector_Sabre_File->get()\n#1 \/var\/www\/owncloud\/lib\/private\/connector\/sabre\/server.php(89): Sabre\DAV\Server->httpGet('etrij.oct2010.0...')\n#2 [internal function]: OC_Connector_Sabre_Server->httpGet('etrij.oct2010.0...')\n#3 \/var\/www\/owncloud\/3rdparty\/sabre\/dav\/lib\/Sabre\/DAV\/Server.php(474): call_user_func(Array, 'etrij.oct2010.0...')\n#4 \/var\/www\/owncloud\/3rdparty\/sabre\/dav\/lib\/Sabre\/DAV\/Server.php(214): Sabre\DAV\Server->invokeMethod('GET', 'etrij.oct2010.0...')\n#5 \/var\/www\/owncloud\/apps\/files_sharing\/publicwebdav.php(59): Sabre\DAV\Server->exec()\n#6 \/var\/www\/owncloud\/public.php(48): require_once('\/var\/www\/ownclo...')\n#7 {main}","File":"\/var\/www\/owncloud\/lib\/private\/connector\/sabre\/file.php","Line":165}","level":4,"time":"December 03, 2014 23:06:56"} {"reqId":"2fa6dcbeeff48ee3ce528758a34bf001","remoteAddr":"2a02:2450:xxxx:1fd:xxxx:xxxx:xxxx:3d02","app":"PHP","message":"Undefined variable: user at /var/www/owncloud/lib/private/connector/sabre/principal.php#56","level":3,"time":"December 03, 2014 23:07:01"} What do you think ? |
|
@derkostka if it was related, then making sure that your OC 8 instance is configured properly as per http://doc.owncloud.org/server/7.0/admin_manual/installation/source_installation.html#configuring-owncloud Or try sharing with a password, that should work too. |
|
Ref #13398 |
|
Likely obsolete. And if not, it's more tech debt but doesn't hurt. |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Steps
Expected result
6, 7, 8 all work.
Actual result
6, 8 work but not 7
Versions
OC1 was 7.0.3
OC2 was 7.0.3
Explanation
curl -X PROPFIND -D - http://d64aa9eb101889511351975471e31d2f@domain.tld/owncloud/public.php/webdav/When only a user name is given, curl will somehow decide to add a header
WWW-Authenticate: Basic realm="ownCloud"which will trigger another auth logic from SabreDAV which expects a "Authorization" header, which only works when.htaccessis configured properly.curl -X PROPFIND -D - http://d64aa9eb101889511351975471e31d2f:test@domain.tld/owncloud/public.php/webdav/In this case no extra realm header, authentication always works.
curl -X PROPFIND -D - http://user:password@domain.tld/owncloud/remote.php/webdav/Same as 7, the fact that both user and password are there doesn't trigger the realm header.
Now where it gets interesting is that if you have a share that does not expect a password, you can do this:
curl -X PROPFIND -D - http://d64aa9eb101889511351975471e31d2f:dummypassword@domain.tld/owncloud/public.php/webdav/.Passing a dummy password will not trigger the realm header, but also the target server does not care about the password since it is not expecting one.
So, possible fixes:
OR
@icewind1991 @LukasReschke
The text was updated successfully, but these errors were encountered: