allowanonymous: 1 and httpd
Dilyan Palauzov
Dilyan.Palauzov at aegee.org
Sun Aug 26 19:07:36 EDT 2018
Hello,
how is supposed cyrus/httpd to work with allowanonymous: 1?
The added value of having SASL ANONYMOUS towards publically available
data, is that some clients only send user names and passwords, once
they get HTTP 401 Unauthenticated and if data is offered anonymously
without authenticatin (without providing user name) the client get
valid data without getting 401 Unauthenticated, so it never sends
username.
Is the DAV:current-user-principal for the anonymous user supposed do
return <D:href>/principals/users/anonymous</D:href> ?
Currently
curl -D- -XPROPFIND -u anonymous:blubblub -H"Content-Type:
application/xml" --data "<propfind
xmlns='DAV:'><prop><current-user-principal/></prop></propfind>"
https://server/dav/calendars/
curl -D- -XPROPFIND -u anonymous at server:blubblub -H"Content-Type:
application/xml" --data "<propfind
xmlns='DAV:'><prop><current-user-principal/></prop></propfind>"
https://server/dav/calendars/
return on my system
HTTP/2 401
Server: nginx
Date: Sun, 26 Aug 2018 23:02:53 GMT
Content-Type: text/html; charset=utf-8
Content-length: 427
Vary: Accept-Encoding
www-authenticate: Basic realm="domain"
www-authenticate: Negotiate
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head><title>401 Unauthorized</title></head>
<body><h1>Unauthorized</h1><p>Authentication
failed</p><hr><address>Cyrus-HTTP/3.0.8-26-gc43b6f103-dirty
Cyrus-SASL/2.1.27 OpenSSL/1.0.0 Zlib/1.2.11 Brotli/1.0.3 LibXML 2.9.8
SQLite/3.24.0 LibiCal/3.0 ICU4C/56.1 Jansson/2.10 Server at 127.0.0.3
Port 80</address></body>
</html>
Have I configured httpd incorrectly for the anonymous case, do I have
to create user/anonymous/#* mailboxes for this to work, or is just
httpd not ready for anonymous login yet?
Greetings
Дилян
More information about the Cyrus-devel
mailing list