Kozea / Radicale

A simple CalDAV (calendar) and CardDAV (contact) server.
https://radicale.org
GNU General Public License v3.0

Inconsistent logs for anonymous user accessing caldav #964

Open fabrepe opened 5 years ago

fabrepe commented 5 years ago

Summary: DEBUG and INFO do not give consistent output regarding anonymous access to a caldav collection

Hi all,

I configured Radicale not to use authentication. However, I get a 401 HTTP error while trying to connect to the caldav. DEBUG logs show that anonymous has been granted access, while INFO logs show the exact inverse.

Server

Client

Logs

[7f860d4a0ae8] INFO: PROPFIND response status for '/XuserX/' with depth '0' in 0.006 seconds: 401 Unauthorized
[7f860d4a0ae8] INFO: PROPFIND request for '/XuserX/' with depth '0' received from '192.168.31.9' (forwarded by 172.17.0.9) using 'Mac+OS+X/10.14.5 (18F132) CalendarAgent/416.5.1'
[7f860d4a0ae8] DEBUG: Request headers:
{'CONTENT_LENGTH': '743',
 'CONTENT_TYPE': 'text/xml',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT': '*/*',
 'HTTP_ACCEPT_ENCODING': 'gzip, deflate',
 'HTTP_ACCEPT_LANGUAGE': 'en-us',
 'HTTP_BRIEF': 't',
 'HTTP_CONNECTION': 'close',
 'HTTP_DEPTH': '0',
 'HTTP_HOST': 'radicale.local',
 'HTTP_PREFER': 'return=minimal',
 'HTTP_USER_AGENT': 'Mac+OS+X/10.14.5 (18F132) CalendarAgent/416.5.1',
 'HTTP_X_FORWARDED_FOR': '192.168.31.9',
 'HTTP_X_FORWARDED_PORT': '80',
 'HTTP_X_FORWARDED_PROTO': 'http',
 'HTTP_X_FORWARDED_SSL': 'off',
 'HTTP_X_REAL_IP': '192.168.31.9',
 'PATH_INFO': '/XuserX/',
 'QUERY_STRING': '',
 'REMOTE_ADDR': '172.17.0.9',
 'REMOTE_HOST': '',
 'REQUEST_METHOD': 'PROPFIND',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'radicale',
 'SERVER_PORT': '5232',
 'SERVER_PROTOCOL': 'HTTP/1.1',
 'SERVER_SOFTWARE': 'WSGIServer/0.2',
 'wsgi.errors': <_io.StringIO object at 0x7f860d7c2798>,
 'wsgi.file_wrapper': <class 'wsgiref.util.FileWrapper'>,
 'wsgi.input': <_io.BufferedReader name=6>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': True,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}
[7f860d4a0ae8] DEBUG: Sanitized script name: ''
[7f860d4a0ae8] DEBUG: Sanitized path: '/XuserX/'
[7f860d4a0ae8] DEBUG: Request content:
<?xml version="1.0"?>
<propfind xmlns="DAV:" xmlns:C="urn:ietf:params:xml:ns:caldav" xmlns:CS="http://calendarserver.org/ns/">
  <prop>
    <C:calendar-home-set />
    <C:calendar-user-address-set />
    <current-user-principal />
    <displayname />
    <CS:dropbox-home-URL />
    <CS:email-address-set />
    <CS:notification-URL />
    <principal-collection-set />
    <principal-URL />
    <resource-id />
    <C:schedule-inbox-URL />
    <C:schedule-outbox-URL />
    <supported-report-set />
  </prop>
</propfind>

[7f860d4a0ae8] DEBUG: anonymous user has read and write access to collection 'XuserX'
[7f860d4a0ae8] INFO: Access to '/XuserX/' denied for anonymous user
[7f860d4a0ae8] DEBUG: Asking client for authentication
[7f860d4a0ae8] DEBUG: Response content:
Access to the requested resource forbidden.
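
A log-audit check for the contradiction reported above, as an added example that is not part of the issue thread or of Radicale's code: it groups lines by the bracketed request id and flags requests where a DEBUG grant and an INFO denial name the same user and collection. The message patterns are taken from the log in this issue; the second request in the sample is constructed, and matching the denied path to the collection name is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample: the first four lines follow the log above (request line
# shortened); the second request id and its lines are invented for contrast.
SAMPLE_LOG = """\
[7f860d4a0ae8] INFO: PROPFIND response status for '/XuserX/' with depth '0' in 0.006 seconds: 401 Unauthorized
[7f860d4a0ae8] INFO: PROPFIND request for '/XuserX/' with depth '0' received from '192.168.31.9'
[7f860d4a0ae8] DEBUG: anonymous user has read and write access to collection 'XuserX'
[7f860d4a0ae8] INFO: Access to '/XuserX/' denied for anonymous user
[7f860d4a0b10] DEBUG: anonymous user has read and write access to collection 'XuserY'
[7f860d4a0b10] INFO: PROPFIND response status for '/XuserY/' with depth '0' in 0.004 seconds: 207 Multi-Status
"""

LINE = re.compile(r"^\[(?P<rid>[0-9a-f]+)\] (?P<level>[A-Z]+): (?P<msg>.*)$")
GRANT = re.compile(r"^(?P<user>.+?) has [\w ]+? access to collection '(?P<coll>[^']*)'$")
DENY = re.compile(r"^Access to '(?P<path>[^']*)' denied for (?P<user>.+)$")
STATUS = re.compile(r"response status for '[^']*'.*: (?P<code>\d{3}) ")


def find_contradictions(log_text):
    """Return requests whose log holds both a grant and a denial for the
    same user and collection, with the final HTTP status if it was logged."""
    grants, denials, status = defaultdict(set), defaultdict(set), {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation lines: header dumps, XML bodies
        rid, msg = m["rid"], m["msg"]
        if g := GRANT.match(msg):
            grants[rid].add((g["user"], g["coll"].strip("/")))
        elif d := DENY.match(msg):
            # Assumption: the denied path names the collection itself.
            denials[rid].add((d["user"], d["path"].strip("/")))
        elif s := STATUS.search(msg):
            status[rid] = int(s["code"])
    return [
        {"request": rid, "user": user, "collection": coll, "status": status.get(rid)}
        for rid in list(grants)
        for user, coll in sorted(grants[rid] & denials.get(rid, set()))
    ]


if __name__ == "__main__":
    for hit in find_contradictions(SAMPLE_LOG):
        print(hit)
```
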

pbiering commented 6 months ago

Still existing with latest 3.1.x? If not, please close this issue.