search

Kozea / Radicale

A simple CalDAV (calendar) and CardDAV (contact) server.
https://radicale.org
GNU General Public License v3.0
3.31k stars 428 forks source link

iPhone IOS12 denied access #936

Closed allinaseng closed 5 years ago

allinaseng commented 5 years ago

Hello, Currently facing a problem with trying to get Radicale to syn to an iPhone. The issue present seems to be a denied access. I can get the contacts through a browser but if I add the account using CardDav then it does not work and get an authentication error. I posted the log and rights file to help further explain the case.

Maybe it's something I made a mistake on. rights1.txt

log1.txt

return42 commented 5 years ago

Just a blind shot ...

Sanitized path: '/ppfmadmin/ppfm_master/'
...
INFO: PROPFIND response status for '/ppfmadmin/ppfm_master/' with depth '0' in 0.017 seconds: 401 Unauthorized
DEBUG: anonymous user has read access to collection 'ppfmadmin/ppfm_master' 2019-03-26 10:29:28,858 - [49e0] 
INFO: Access to '/ppfmadmin/ppfm_master/' denied for anonymous user

Your user seems to be 'anonymous' ... next question will be; Did you check your rights file ..

# The first rule matching both user and collection patterns will be returned.
allinaseng commented 5 years ago

I have the rights file listed as well. For the rights file according to the documentation, using .* would be anonymous and the DEBUG shows that anonymous has read access.

Unless I wrote my rights file wrong or it's not reading the rights file correctly due to first match rule.

Thanks,

Allina

Sent from my Samsung Galaxy smartphone.

-------- Original message -------- From: Markus Heiser notifications@github.com Date: 3/26/19 1:35 PM (GMT-08:00) To: Kozea/Radicale Radicale@noreply.github.com Cc: Allina Seng Allina.Seng@csulb.edu, Author author@noreply.github.com Subject: Re: [Kozea/Radicale] iPhone IOS12 denied access (#936)

Just a blind shot ...

Sanitized path: '/ppfmadmin/ppfm_master/' ... INFO: PROPFIND response status for '/ppfmadmin/ppfm_master/' with depth '0' in 0.017 seconds: 401 Unauthorized DEBUG: anonymous user has read access to collection 'ppfmadmin/ppfm_master' 2019-03-26 10:29:28,858 - [49e0] INFO: Access to '/ppfmadmin/ppfm_master/' denied for anonymous user

Your user seems to be 'anonymous' ... next question will be; Did you check your rights file ..

The first rule matching both user and collection patterns will be returned.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Kozea/Radicale/issues/936#issuecomment-476839116, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AusZRgW-6f-D6kQ6GOH3WPhnkfu8XL3Uks5vaoRzgaJpZM4cMDY8.

allinaseng commented 5 years ago

the rights file has it set as: [iphone-staff-read] user: . collection: ppfmadmin/ permission: r

this works as it points to the users' root collection but as to whether or not it passes anything back to the device in question is where I am stuck.

This is a snippet of the log as of recent:

2019-03-26 11:37:25,260 - [352c] DEBUG: Rule '':'ppfmadmin/ppfm_master' matches '.*':'ppfmadmin/ppfm_master' from section 'iphone-staff-read' 2019-03-26 11:37:25,260 - [352c] DEBUG: anonymous user has read access to collection 'ppfmadmin/ppfm_master' 2019-03-26 11:37:25,260 - [352c] INFO: Access to '/ppfmadmin/ppfm_master/' denied for anonymous user 2019-03-26 11:37:25,260 - [352c] DEBUG: Asking client for authentication 2019-03-26 11:37:25,260 - [352c] DEBUG: Response content: Access to the requested resource forbidden. 2019-03-26 11:37:25,261 - [352c] INFO: PROPFIND response status for '/ppfmadmin/ppfm_master/' with depth '0' in 0.024 seconds: 401 Unauthorized 2019-03-26 11:45:11,101 - [490c] INFO: OPTIONS request for '/ppfmadmin/ppfm_master/' received from 10.33.51.223 using 'iOS/12.1.4 (16D57) dataaccessd/1.0' 2019-03-26 11:45:11,104 - [490c] DEBUG: Request headers:

balki commented 5 years ago

If the server is not running https, it wont work on iphone/ios. ref: https://github.com/Kozea/Radicale/issues/870#issuecomment-458397475

allinaseng commented 5 years ago

How would you set the onfig file for Radicale then if we are using https? I had some trouble with that.

Should this:

hosts = 127.1.1.15:5232

Be Hosts = 127.1.1.15:8083 or 127.1.1.15:443 since iphones use a different https port?

Thanks

Allina Seng

From: Balki notifications@github.com Sent: Tuesday, April 2, 2019 8:53 AM To: Kozea/Radicale Radicale@noreply.github.com Cc: Allina Seng Allina.Seng@csulb.edu; Author author@noreply.github.com Subject: Re: [Kozea/Radicale] iPhone IOS12 denied access (#936)

If the server is not running https, it wont work on iphone/ios. ref: #870 (comment)https://github.com/Kozea/Radicale/issues/870#issuecomment-458397475

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Kozea/Radicale/issues/936#issuecomment-479063778, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AusZRhSv30TLZKhCUKscfa54LSHIV_A2ks5vc3zjgaJpZM4cMDY8.

allinaseng commented 5 years ago

This has been resolved. Creating SSL certs worked like a charm.

Thanks for all the help.