[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Inf-IT DAVcl] carddavmate xml login not working


I have try again with clean Browser cache and it seems that the XML
response is correct but the GlobalLoginUsername isnt set.

Regards Basti

p.s. ist possible to change/delete a mail after sending to ml?

On 19.07.2013 13:57, basti wrote:
> When I set crossdomain to null I get:
> Info: [globalNetworkCheckSettings:
> 'https://kalender.myserver.de/carddavmate/auth/'] crossDomain set to:
> 'false' in "firebug".
> 
> In both cases I get a XML as described before.
> 
> The certificate is known by the browser, when I try to open
> 
> https://kalender.myserver.de/caldav.php/tuser it just ask for username/
> passwd.
> 
> I have search for GlobalLoginUsername and this also set, when I XML.
> 
> Regards,
> basti
> 
> On 19.07.2013 12:56, Ján Máté wrote:
>> Hi,
>>
>> On Jul 19, 2013, at 12:15 PM, basti <mailinglist@xxxxxxxxxxxxxxxx> wrote:
>>
>>> Hello,
>>>
>>> we try to use Carddavmate with XML-auth to implement this in owr own
>>> software.
>>> At the moment we have the following config:
>>>
>>> Davical Server: https://kalender.myserver.de/caldav.php
>>> Carddavmate:    https://kalender.myserver.de/carddavmate/
>>>
>>> config.js
>>>
>>> var globalNetworkCheckSettings={href:
>>> location.protocol+'//'+location.hostname+(location.port ?
>>> ':'+location.port:
>>> '')+location.pathname.replace(RegExp('/+[^/]+/*(index\.html)?$'),'')+'/carddavmate/auth/',
>>> crossDomain: true, withCredentials: false, syncInterval: 0, timeOut:
>>> 30000, additionalResources: ['nx4group'], delegation: true};
>>
>> why "crossDomain: true"? ... both DAViCal server and also CardDavMATE use the same 
>> origin (protocol, host, port) "https://kalender.myserver.de"; => your setup is NOT cross-domain
>>
>>> /auth/config.inc
>>>
>>> <?php
>>>    // auth method: generic (auth/plugins/generic_conf.inc) or ldap
>>> (auth/plugins/ldap_conf.inc)
>>>    $config['auth_method']='generic';
>>>
>>>    // set to true for debugging XML response, otherwise set to false to
>>> avoid browser
>>>    //  to show http authentication window after unsuccessful authentication
>>>    $config['auth_send_authenticate_header']=false;
>>>
>>>    // successfull authentication XML specification (change the
>>> "http://www.server.com:80"; to your protocol/server/port)
>>>    $config['accounts']=array('resources'=>array());
>>>
>>>    // note: if you want to use regex values, then use one of the
>>> following formats (the second example is with regex modifier):
>>> 're:.*someregex.*[0-9]$' or 're|i:.*someregex.*[0-9]$'
>>>    $config['accounts']['resources'][]=array(
>>>        'resource'=>array(
>>>            'type'=>array('addressbook'=>''),
>>>
>>> 'href'=>'https://kalender.myserver.de/caldav.php/'.$_SERVER['PHP_AUTH_USER'].'/',
>>>            'hreflabel'=>'',        // if undefined or empty href value
>>> is used (see above)
>>>            'crossdomain'=>'true',        // set to true for different
>>> protocol/server/port origin (default is null = autodetect)
>>>            'forcereadonly'=>'null',    // see
>>> auth/doc/example_config_response.xml for proper use, for example:
>>> 'forcereadonly'=>array(array('collection'=>'/caldav.php/user/collection/'),
>>> array('collection'=>'re:^/caldav.php/user/collection[0-9]/$')),
>>>            'withcredentials'=>'false',    // for experts only (note: if
>>> true, Access-Control-Allow-Origin "*" is not allowed)
>>>            'showheader'=>'true',        // if undefined, empty or not
>>> false header is displayed
>>>            'settingsaccount'=>'true',    // client properties are saved
>>> here (note: set it to true only for ONE account)
>>>            'checkcontenttype'=>'true',    // check content-type in the
>>> server response (if you cannot see data in the interface /buggy server
>>> response/ you may try to disable it)
>>>            'delegation'=>'true',        // see
>>> auth/doc/example_config_response.xml for proper use, for example:
>>> 'delegation'=>array(array('resource'=>'/caldav.php/user%40domain.com/'),
>>> array('resource'=>'re|i:^/caldav.php/a[b-x].+/$')),
>>>            'userauth'=>array(
>>>                'username'=>$_SERVER['PHP_AUTH_USER'],
>>>                'password'=>$_SERVER['PHP_AUTH_PW']
>>>            ),
>>>            'syncinterval'=>60000,
>>>            'timeout'=>30000,
>>>            'locktimeout'=>10000
>>>        )
>>>    );
>>> ?>
>>>
>>> auth/generic.conf
>>>
>>> <?php
>>>    // Server base URL
>>>    $pluginconfig['base_url']='https://kalender.myserver.de';
>>>
>>>    // Default values are usually OK
>>>    //  for Davical:
>>>    $pluginconfig['request']='/caldav.php';    // change only if your
>>> Davical is not installed into server root directory
>>>    //  for Lion server:
>>>    //$pluginconfig['request']='/principals/users';
>>>
>>>    $pluginconfig['timeout']=30;
>>> ?>
>>>
>>> the xml (header) looks like:
>>>
>>> <resources xmlns="urn:com.inf-it:configuration">
>>> <resource>
>>> <type>
>>> <addressbook></addressbook>
>>> </type>
>>> <href>https://kalender.myserver.de/caldav.php/tuser/</href>
>>> <hreflabel></hreflabel>
>>> <crossdomain>true</crossdomain>
>>> <forcereadonly>null</forcereadonly>
>>> <withcredentials>false</withcredentials>
>>> <showheader>true</showheader>
>>> <settingsaccount>true</settingsaccount>
>>> <checkcontenttype>true</checkcontenttype>
>>> <delegation>true</delegation>
>>> <userauth>
>>> <username>tuser</username>
>>> <password>123456</password>
>>> </userauth>
>>> <syncinterval>60000</syncinterval>
>>> <timeout>30000</timeout>
>>> <locktimeout>10000</locktimeout>
>>> </resource>
>>> </resources>
>>
>> the same problem (<crossdomain>true</crossdomain>) ... why you not
>> use the default (null = autodetect)?
>>
>>> But we cant login, the is always the login-screen shown
>>>
>>> auth/index.php
>>>
>>> <?php
>>>    require_once('config.inc');
>>>    require_once('common.inc');
>>>    require_once('cross_domain.inc');
>>>    require_once('plugins/'.$config['auth_method'].'.inc');    //
>>> configured module - it defines the 'MODULE_authenticate()' function
>>>
>>>    if(call_user_func($config['auth_method'].'_authenticate')!==1)
>>>    {
>>>        // HTTP authentication (exit if unsuccessfull)
>>>        if($config['auth_send_authenticate_header'])
>>>            header('WWW-Authenticate: Basic realm="Inf-IT Auth Module"');
>>>        header('HTTP/1.0 401 Unauthorized');
>>> echo <<<HTML
>>> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
>>> <html>
>>>    <head>
>>>    <title>401 Authorization Required</title>
>>>    </head>
>>>    <body>
>>>    <h1>Authorization Required</h1>
>>>    <p>This server could not verify that you are authorized to access
>>> the document requested. Either you supplied the wrong credentials (e.g.,
>>> bad password), or your browser doesn't understand how to supply the
>>> credentials required.</p>
>>>    </body>
>>> </html>
>>> HTML;
>>>        exit(0);
>>>    }
>>>    else
>>>    {
>>> /* debug output */
>>> exit ("here we are but login screen is still shown");
>>>        header('Content-type: text/xml; charset="utf-8"');
>>>        echo array_to_xml($config['accounts']);
>>>
>>>    }
>>> ?>
>>
>> So looks like you get the XML response from the auth module (you can test it
>> by opening directly the /auth/ URL and entering your credentials) ... if the client
>> gets the configuration XML then the auth module is working correctly.
>>
>> Usually the problem is related to your server certificate. Are you sure that your 
>> server certificate is trusted by your browser? ... if you visit a HTTPS server with 
>> invalid certificate your browser will ask to add exception, but JavaScript cannot 
>> ask for exception - it will simply refuse to connect.
>>
>> Try to open the principal URL directly in your browser and if it will ask you for exception
>> then this is the problem.
>>
>>
>> JM
>>
> 

Follow-Ups:
Re: [Inf-IT DAVcl] carddavmate xml login not workingJán Máté <jan.mate@xxxxxxxxxx>
References:
[Inf-IT DAVcl] carddavmate xml login not workingbasti <mailinglist@xxxxxxxxxxxxxxxx>
Re: [Inf-IT DAVcl] carddavmate xml login not workingJán Máté <jan.mate@xxxxxxxxxx>
Re: [Inf-IT DAVcl] carddavmate xml login not workingbasti <mailinglist@xxxxxxxxxxxxxxxx>