Closed BeateLerch closed 1 week ago
Hello Karel,
thanks for investigating. Here ist he log. First, i tried to access a document created by admin, then uploaded one as myself (BL8) and tried to access that. After re-checking my user accout (just to be sure) i went and did a webdav-listing. First as myself, then as admin.
Regards, Beate
Von: Karel Pičman @.> Gesendet: Donnerstag, 27. Juni 2024 17:15 An: danmunn/redmine_dmsf @.> Cc: Lerch, Beate @.>; Author @.> Betreff: Re: [danmunn/redmine_dmsf] WebDAV / LDAP-User errors (Issue #1528)
— Reply to this email directly, view it on GitHubhttps://github.com/danmunn/redmine_dmsf/issues/1528#issuecomment-2194992946, or unsubscribehttps://github.com/notifications/unsubscribe-auth/BFH2XZS7I6B7XDBMZ67ZKZLZJQUATAVCNFSM6AAAAABKAATJHWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOJUHE4TEOJUGY. You are receiving this because you authored the thread.Message ID: @.**@.>>
Hello Karel,
after reviewing the database tables I just had a hunch – and tried authenticating via webDAV with uppercase writing of my username as it is written in the database. And voila – I can access the document. So, the problem seems to be that while redmine itself is not case sensitive about usernames, dmsf-webDAV obviously is.
Since case sensitivity in usernames is quite unusual in itself and additionally different from the behavior oft he main system, please accept this as a bug.
Thanks again, Beate
It seems to be a feature of the digest authentication as the client calculates the hash from entered login and password. On the server side you have user's hash stored in the database. The stored hash was generated using user's login and password. When an authentication is required, these two hashes are compared. If the logins differ, the hashes differ too and the authentication fails. I don't see any solution how to implement digest authentication case insensitive.
I've mentioned that in the help. If anybody comes with a solution, I will reopen it.
Hi, when a LDAP-authenticated user tries to open a MSOffice-Document via webDAV, it will result in an error "ERROR -- : Digest authentication method expected got bearer" or just "ERROR -- : Digest authentication: digest response is incorrect". A locally defined users (admin) will not have that issue. Have you any idea why this might be so?
Here is my configuration:
thanks, Beate