[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Inf-IT DAVcl] 404 error when authenticating (with cross-domain)


I eventually understood my mistake : I configured my *default* vhost with those lines instead of my DAViCal vhost, thus cross-domain requests could not work.

I can now try using TLS.

Thank you for your help (and for your great work !)

Julien

-------- Message original --------
Sujet: Re: [Inf-IT DAVcl] 404 error when authenticating (with cross-domain)
De : Ján Máté <jan.mate@xxxxxxxxxx>
Pour : davclients@xxxxxxxxxx
Date : 10/07/2013 17:00

No,

the OPTIONS preflight request MUST be performed WITHOUT authentication
(see http://www.w3.org/TR/cors/) and:

RewriteCond %{HTTP:Access-Control-Request-Method} !^$
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

prevents DAViCal to check the username/password because [R=200,L] says:
return 200 and STOP processing the request.

So the browser will get ONLY the CORS headers (set before the RewriteRule line) and 200 (success).
This preflight request is NOT processed by DAViCal!


JM

On Jul 10, 2013, at 4:46 PM, "Julien Métairie" <ruliane@xxxxxxxxxxx> wrote:

Thanks for your answer Ján.

Your explanation make me think that the problem comes from the "401
Unauthorized" answer, thought it is a normal behavior since I need to
authenticate against DAViCal. My browser should try to authenticate with
the user/password entered I entered, which is not the case.

Julien