[Fusionforge-general] webdav for docman not working (with LDAP)

Franck Villaume franck.villaume at trivialdev.com
Wed Mar 1 16:04:20 CET 2017


You can disable the feature by setting use_docman_webdav = no

Best
Franck

---- Michael Kluge a écrit ----

>Hi Franck,
>
>OK, so I will just tell the user that it is broken at the moment ...
>
>
>Regards, Michael 
>
>
>> Hi Mickael,
>> 
>> True, docman webdav implementation uses session_login_valid which calls session_before_login then use session_login_valid_dbonly That
>> works with AuthBuiltIn since account are stored in database.
>> That works with AuthLDAP since there is a sync between LDAP and database.
>> 
>> In case of sysauthldap plugin, there is no sync between LDAP and pgsql database. Therefore the high-level session_login_valid does not
>> work since session_login_valid_dbonly returns false.
>> 
>> First feeling is something is missing in the session_login_valid function to support all use-cases.
>> Second feeling, there is some mess with Auth* plugins, Sysauth* plugins and account_manager_type  parameter which can be: pgsql, unix,
>> ldap
>> 
>> Best,
>> Franck
>> 
>> > Le 28 février 2017 à 07:58, Michael Kluge <michael.kluge at tu-dresden.de> a écrit :
>> >
>> >
>> > Hi Franck,
>> >
>> > A bit more information: git+svn authentication on the scm host is done with sysauthldap, Web GUI authentication with authhttpd. I read
>> the code of the webdav implementaion and it looks it uses a function session_login_valid() which in turn calls a hook "session_before_login"
>> in all authentication plugins. But authhttpd does not have such a plugin function defined. Actually none of the authentication plugins have
>> that function defined. I can not find this string in the installed source code anywhere.
>> >
>> >
>> > Regards, Michael
>> >
>> > > -----Ursprüngliche Nachricht-----
>> > > Von: Fusionforge-general
>> > > [mailto:fusionforge-general-bounces at lists.fusionforge.org] Im
>> > > Auftrag von Michael Kluge
>> > > Gesendet: Dienstag, 28. Februar 2017 07:16
>> > > An: franck.villaume at trivialdev.com;
>> > > fusionforge-general at lists.fusionforge.org
>> > > Betreff: Re: [Fusionforge-general] webdav for docman not working
>> > > (with LDAP)
>> > >
>> > > Hi Franck,
>> > >
>> > > > Linux & any Browser authentication are working correctly with
>> > > > AuthBuiltin and AuthLDAP (both tested using vanilla installation running latest master code on CentOS 7).
>> > > > No specific configuration to do.
>> > >
>> > > Well, not in my case. Neither the browser nor BitKinex work. I only
>> > > see 401 error codes in the log. What I get in the browser for such
>> > > an URL is a standard popup for basic auth. But we do not use basic
>> > > authentication. It is either LDAP or Shibboleth in our case (which works for svn, git on scm... and the whole Web GUI). Except for
>> docman. I think there is something missing in my setup so that all docman/XYZ/webdav requests are authenticated through LDAP and not
>> Shibboleth or basic auth. Does this make sense?
>> > >
>> > >
>> > > Regards, Michael
>> > >
>> > > >
>> > > > However Microsoft Windows will not work unless you run Windows XP.
>> > > > For Microsoft support, you have to use standard webdav client such as BitKinex.
>> > > > Authentication implementation is webdav basic, which is not supported in higher version of Windows.
>> > > >
>> > > > Best,
>> > > > Franck aka nerville
>> > > >
>> > > >
>> > > > Le 27/02/2017 à 13:29, Michael Kluge a écrit :
>> > > > > Oh, one thing more: If I access the webdav URL via the brower, I
>> > > > > get an request (via a small popup) to enter my credentials
>> > > > > again. If I
>> > > > do this, it fails as well.
>> > > > > This is what I see in the log in this case:
>> > > > > 141.30.248.228 [27/Feb/2017:13:24:03 +0100] "GET
>> > > > > /docman/view.php/346/webdav HTTP/1.1" 401 -
>> > > > > "https://fusionforge.zih.tu-
>> > > > dresden.de/docman/?group_id=346" "Mozilla/5.0 (Windows NT 10.0;
>> > > > Win64;
>> > > > x64) AppleWebKit/537.36 (KHTML, like Gecko)
>> > > > Chrome/56.0.2924.87 Safari/537.36"
>> > > > >
>> > > > >
>> > > > > Regards, Michael
>> > > > >
>> > > > >
>> > > > >
>> > > > > _______________________________________________
>> > > > > Fusionforge-general mailing list
>> > > > > Fusionforge-general at lists.fusionforge.org
>> > > > > http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforg
>> > > > > e-ge
>> > > > > ne
>> > > > > ral
>> > > >
>> > > >
>> > > > --
>> > > > TrivialDev Founder
>> > > > http://trivialdev.com
>> >
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fusionforge.org/pipermail/fusionforge-general/attachments/20170301/6c27e833/attachment-0001.html>


More information about the Fusionforge-general mailing list