Problem with HTTP auth

[LukasSliacky]

Hi, i have problem with creating calendar with http autentication. I tried lot of clients, but i have same problem with login and password. I don’t know, whether is in side of client or side of server, but scenario is same with all clients, therefore write here.

Radicale version: 1.1.1 (installed by pip) on virtual enviroment. Python: 3.4

For advanced debugging i modified file "http.py"

def is_authenticated(user, password):
    """Check if ``user``/``password`` couple is valid."""
    log.LOGGER.debug("HTTP-based auth on %s." % AUTH_URL)
    payload = {USER_PARAM: user, PASSWORD_PARAM: password}

    print('username:', user,
          'password:', password,
          'Status Code:', requests.post(AUTH_URL, data=payload).status_code
          )

    return requests.post(AUTH_URL, data=payload).status_code in (200, 201)

Autentication server is based on framework Flask and source code is: (only print request info and answer with code 200)

@blueprint.route('/user_auth/', methods=['GET', 'POST'])
def user_auth():

    print('request info:', request.form)

    return ('ok', 200)

my config.txt

"auth":

"type": "http",

"http_url": "http://192.168.48.43:5000/api_v1.0/user_auth/",
"http_user_parameter": "http_user_parameter",
"http_password_parameter": "http_password_parameter"},

"rights"

"type": "authenticated"

Okay and problem:

I tried clients: Evolution (Ubuntu) DAVDroid (Android) MAC Calendar

and only from DAVDroid i see printed username and password:

Creating calendar in DAVDroid have two steps: 1:

In Radicale output i see inserted username and password:

(line: ##### Print: username: TestUser password: TestPassword Status Code: 200)

Logging configuration file '/etc/radicale/logging' not found, using stdout.
Starting Radicale
Authentication type is http
Base URL prefix: /
Listening to fuxo-VirtualBox port 5232
Radicale server ready
PROPFIND request at / received
Request headers:
{'CONTENT_LENGTH': '290',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
##### Print: username: None password: None Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
Rights type 'authenticated'
Test if ':/' matches against '.+:.*' from section 'rw'
Anonymous has NO read access to collection /
Rights type 'authenticated'
Test if ':/' matches against '.+:.*' from section 'rw'
Anonymous has NO write access to collection /
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><resourcetype /><displayname /><CARD:addressbook-description /><CARD:addressbook-home-set /><current-user-principal /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" />
Answer status: 207 Unknown
PROPFIND request at /.well-known/carddav received
Request headers:
{'CONTENT_LENGTH': '198',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/.well-known/carddav',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /.well-known/carddav
Refused /.well-known/ redirection to anonymous user
PROPFIND request at /.well-known/carddav received
Request headers:
{'CONTENT_LENGTH': '198',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_AUTHORIZATION': 'Basic VGVzdFVzZXI6VGVzdFBhc3N3b3Jk',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/.well-known/carddav',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /.well-known/carddav
/.well-known/ redirection to: /TestUser/carddav/
PROPFIND request at /TestUser/carddav/ received
Request headers:
{'CONTENT_LENGTH': '198',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_AUTHORIZATION': 'Basic VGVzdFVzZXI6VGVzdFBhc3N3b3Jk',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/TestUser/carddav/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /TestUser/carddav/
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
##### Print: username: TestUser password: TestPassword Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
Rights type 'authenticated'
Test if 'TestUser:TestUser/carddav' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has read access to collection TestUser/carddav/
Rights type 'authenticated'
Test if 'TestUser:TestUser/carddav' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has write access to collection TestUser/carddav/
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><current-user-principal /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:">
  <response>
    <href>/TestUser/carddav/</href>
    <propstat>
      <prop>
        <current-user-principal>
          <href>/TestUser/</href>
        </current-user-principal>
      </prop>
      <status>HTTP/1.1 200 OK</status>
    </propstat>
  </response>
</multistatus>

Answer status: 207 Unknown
OPTIONS request at /TestUser/ received
Request headers:
{'CONTENT_LENGTH': '0',
 'CONTENT_TYPE': 'text/plain',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_AUTHORIZATION': 'Basic VGVzdFVzZXI6VGVzdFBhc3N3b3Jk',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/TestUser/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'OPTIONS',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /TestUser/
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
##### Print: username: TestUser password: TestPassword Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
Rights type 'authenticated'
Test if 'TestUser:TestUser' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has read access to collection TestUser/
Rights type 'authenticated'
Test if 'TestUser:TestUser' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has write access to collection TestUser/
Answer status: 200 OK
PROPFIND request at / received
Request headers:
{'CONTENT_LENGTH': '435',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_AUTHORIZATION': 'Basic VGVzdFVzZXI6VGVzdFBhc3N3b3Jk',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
##### Print: username: TestUser password: TestPassword Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
Rights type 'authenticated'
Test if 'TestUser:/' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has read access to collection /
Rights type 'authenticated'
Test if 'TestUser:/' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has write access to collection /
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><resourcetype /><displayname /><n0:calendar-color xmlns:n0="http://apple.com/ns/ical/" /><CAL:calendar-description /><CAL:calendar-timezone /><current-user-privilege-set /><CAL:supported-calendar-component-set /><CAL:calendar-home-set /><current-user-principal /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:ICAL="http://apple.com/ns/ical/">
  <response>
    <href>/</href>
    <propstat>
      <prop>
        <resourcetype>
          <principal />
          <collection />
        </resourcetype>
        <displayname />
        <ICAL:calendar-color>#f2571f</ICAL:calendar-color>
        <C:calendar-timezone>BEGIN:VCALENDAR
PRODID:-//Radicale//NONSGML Radicale Server//EN
VERSION:2.0
END:VCALENDAR
</C:calendar-timezone>
        <current-user-privilege-set>
          <privilege>
            <all />
            <read />
            <write />
            <write-properties />
            <write-content />
          </privilege>
        </current-user-privilege-set>
        <C:supported-calendar-component-set>
          <C:comp name="VTODO" />
          <C:comp name="VEVENT" />
          <C:comp name="VJOURNAL" />
        </C:supported-calendar-component-set>
        <C:calendar-home-set>
          <href>/</href>
        </C:calendar-home-set>
        <current-user-principal>
          <href>/TestUser/</href>
        </current-user-principal>
      </prop>
      <status>HTTP/1.1 200 OK</status>
    </propstat>
    <propstat>
      <prop>
        <C:calendar-description />
      </prop>
      <status>HTTP/1.1 404 Not Found</status>
    </propstat>
  </response>
</multistatus>

Answer status: 207 Unknown
OPTIONS request at /TestUser/ received
Request headers:
{'CONTENT_LENGTH': '0',
 'CONTENT_TYPE': 'text/plain',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_AUTHORIZATION': 'Basic VGVzdFVzZXI6VGVzdFBhc3N3b3Jk',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/TestUser/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'OPTIONS',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /TestUser/
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
##### Print: username: TestUser password: TestPassword Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
Rights type 'authenticated'
Test if 'TestUser:TestUser' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has read access to collection TestUser/
Rights type 'authenticated'
Test if 'TestUser:TestUser' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has write access to collection TestUser/
Answer status: 200 OK
PROPFIND request at /TestUser/ received
Request headers:
{'CONTENT_LENGTH': '205',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_AUTHORIZATION': 'Basic VGVzdFVzZXI6VGVzdFBhc3N3b3Jk',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/TestUser/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /TestUser/
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
##### Print: username: TestUser password: TestPassword Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
"POST /api_v1.0/user_auth/ HTTP/1.1" 200 2
Rights type 'authenticated'
Test if 'TestUser:TestUser' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has read access to collection TestUser/
Rights type 'authenticated'
Test if 'TestUser:TestUser' matches against '.+:.*' from section 'rw'
Section 'rw' matches
TestUser has write access to collection TestUser/
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><CAL:calendar-user-address-set /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav">
  <response>
    <href>/TestUser/</href>
    <propstat>
      <prop>
        <C:calendar-user-address-set>
          <href>/TestUser/</href>
        </C:calendar-user-address-set>
      </prop>
      <status>HTTP/1.1 200 OK</status>
    </propstat>
  </response>
</multistatus>

Answer status: 207 Unknown

And username and password see in Autentication server too.

Flask server output:

FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([('http_password_parameter', 'TestPassword'), ('http_user_parameter', 'TestUser')])
192.168.43.48 - - [13/Oct/2016 08:23:48] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -

But in step 2:

I don’t see password and isn’t sent to autentication server:

##### Print: username: None password: None Status Code: 200

PROPFIND request at /TestUser/ received
Request headers:
{'CONTENT_LENGTH': '221',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/TestUser/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /TestUser/
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
##### Print: username: None password: None Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
Rights type 'authenticated'
Test if ':TestUser' matches against '.+:.*' from section 'rw'
Anonymous has NO read access to collection TestUser/
Rights type 'authenticated'
Test if ':TestUser' matches against '.+:.*' from section 'rw'
Anonymous has NO write access to collection TestUser/
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><CARD:addressbook-home-set /><group-membership /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" />
Answer status: 207 Unknown
PROPFIND request at /TestUser/ received
Request headers:
{'CONTENT_LENGTH': '360',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/TestUser/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /TestUser/
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
##### Print: username: None password: None Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
Rights type 'authenticated'
Test if ':TestUser' matches against '.+:.*' from section 'rw'
Anonymous has NO read access to collection TestUser/
Rights type 'authenticated'
Test if ':TestUser' matches against '.+:.*' from section 'rw'
Anonymous has NO write access to collection TestUser/
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><CAL:calendar-home-set /><n0:calendar-proxy-read-for xmlns:n0="http://calendarserver.org/ns/" /><n1:calendar-proxy-write-for xmlns:n1="http://calendarserver.org/ns/" /><group-membership /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" />
Answer status: 207 Unknown
PROPFIND request at / received
Request headers:
{'CONTENT_LENGTH': '422',
 'CONTENT_TYPE': 'application/xml; charset=utf-8',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_ENCODING': 'gzip',
 'HTTP_ACCEPT_LANGUAGE': 'sk-SK, sk;q=0.7, *;q=0.5',
 'HTTP_CONNECTION': 'Keep-Alive',
 'HTTP_DEPTH': '1',
 'HTTP_HOST': '192.168.43.48:5232',
 'HTTP_USER_AGENT': 'DAVdroid/1.3.2.2-gplay (2016/10/05; dav4android; '
                    'okhttp3) Android/6.0',
 'PATH_INFO': '/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '192.168.43.1',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'fuxo-VirtualBox',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.TextIOWrapper name='<stderr>' mode='w' encoding='UTF-8'>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=5>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
Sanitized path: /
HTTP-based auth on http://192.168.43.48:5000/api_v1.0/user_auth/.
Starting new HTTP connection (1): 192.168.43.48
##### Print: username: None password: None Status Code: 200
Starting new HTTP connection (1): 192.168.43.48
Rights type 'authenticated'
Test if ':/' matches against '.+:.*' from section 'rw'
Anonymous has NO read access to collection /
Rights type 'authenticated'
Test if ':/' matches against '.+:.*' from section 'rw'
Anonymous has NO write access to collection /
Rights type 'authenticated'
Test if ':TestUser' matches against '.+:.*' from section 'rw'
Anonymous has NO read access to collection TestUser/
Rights type 'authenticated'
Test if ':TestUser' matches against '.+:.*' from section 'rw'
Anonymous has NO write access to collection TestUser/
Rights type 'authenticated'
Test if ':lukassliacky' matches against '.+:.*' from section 'rw'
Anonymous has NO read access to collection lukassliacky/
Rights type 'authenticated'
Test if ':lukassliacky' matches against '.+:.*' from section 'rw'
Anonymous has NO write access to collection lukassliacky/
Request content:
<?xml version='1.0' encoding='UTF-8' ?><propfind xmlns="DAV:" xmlns:CAL="urn:ietf:params:xml:ns:caldav" xmlns:CARD="urn:ietf:params:xml:ns:carddav"><prop><resourcetype /><current-user-privilege-set /><displayname /><CARD:addressbook-description /><CARD:supported-address-data /><CAL:calendar-description /><n0:calendar-color xmlns:n0="http://apple.com/ns/ical/" /><CAL:supported-calendar-component-set /></prop></propfind>
Response content:
<?xml version="1.0"?>
<multistatus xmlns="DAV:" />
Answer status: 207 Unknown

Flask server output (without ussername and pass):

FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:24:18] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:24:18] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:24:18] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:24:18] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:24:18] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -
FORM ImmutableMultiDict([])
192.168.43.48 - - [13/Oct/2016 08:24:18] "POST /api_v1.0/user_auth/ HTTP/1.1" 200 -

When i test create calendar on MAC Calendar with this values:

I don’t see username and password and calendar isn’t created too. (same scenario is when i try Ubuntu Evolution)

Please, can you help me with configuration or my wrong access?

Thank you.

[neilromig]

Hi - I am very new to Radicale so forgive me if this not right, but shouldn't you be using "http:/192.168.43.48:5232/username/" at DAVDroid login, and perhaps also at MAC Calendat the server path should be "/username" ?

Neil.

[pantierra]

Just two cents: Wouldn't it be better to have a clear single endpoint, like http:/localhost:5232 instead of using username in the url? It is anyway specified in the authentication.

[poVoq]

This http basic auth plugin was removed from Radicale?

I am looking for an easy way to auth a Radicale server against a basic http backend, specifically this: https://modules.prosody.im/mod_http_auth_check.html

[pbiering]

basic auth is still supported - closing as related to old version, please reopen in case still happened with latest version