[Tickets #12385] Re: DAV-Principals mix auth-username and horde-username

noreply at bugs.horde.org noreply at bugs.horde.org
Mon Jun 24 13:21:39 UTC 2013 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/12385
------------------------------------------------------------------------------
  Ticket             | 12385
  Updated By         | piper at hrz.uni-marburg.de <>
  Summary            | DAV-Principals mix auth-username and horde-username
  Queue              | Horde Framework Packages
  Version            | FRAMEWORK_4
  Type               | Bug
  State              | Unconfirmed
  Priority           | 3. High
  Milestone          |
  Patch              | 1
  Owners             |
------------------------------------------------------------------------------


piper at hrz.uni-marburg.de (2013-06-21 09:15) wrote:

In my horde-setup (Horde-5.1.1, IMP-6.1.1, Horde_Dav-1.0.0) I am using  
horde-usernames of form 'user at domain' and auth-usernames of form 'user'.

This leads to problems with CalDav-access: if I access a caldav-URL  
with the browser, I get the (xml-)message 'User user at domain does not  
exist'. This is related to the authentication-routine  
getPrincipalByPath($path)  in 'Horde/Dav/Principals.php', where the  
horde-username from the URL is used as auth-username. It can be fixed  
by converting the username to auth-username (see attached patch).

This leads to the new error message 'User did not have the required  
privileges ({DAV:}read) for path "..."', as the authentication in the  
browser has been done using the auth-username, which is used in the  
routine 'getCurrentUserPrincipal()' in 'Sabre/DAVACL/Plugin.php' to  
set the principal-path, which should contain the horde-username. This  
can be fixed likewise by converting the username to horde-username  
(see second patch).

Is my observation and the fixing correct, or do I miss something here?

Thanks for your help,
regards,
Andreas




piper at hrz.uni-marburg.de (2013-06-21 09:15) uploaded:  
Horde_Dav_Principals.php.patch

http://bugs.horde.org/h/services/download/?app=whups&actionID=download_file&file=Horde_Dav_Principals.php.patch&ticket=12385&fn=%2FHorde_Dav_Principals.php.patch

More information about the bugs mailing list