[kronolith] Kronolith as CalDAV Client - r/w access?

Mon Mar 30 06:21:06 UTC 2009

Elliot Anders schrieb:

>>
> For the record, we have a setup that uses kronolith and 
> Sunbird/Lightning very successfully.  There are a few bugs that cause us 
> headaches, but for the most part it works as advertised.  Where is your 
> setup breaking down?  What platforms are you on? Have you added your 
> local Certificate Authority to the client machines?
> -Elliot

Glad to hear that, so there is hope :-)

well, I can only quote my mail to this list from february. Basically, I get 403 
errors in the Apache log, and the clients just say, that changing the event did 
not work. I don't understand why I get 403 errors and not 401. The PROPFIND gets 
a 207 response.

I have not yet imported the local CA, I am still struggling with certificates, 
although I have already baught (and read) a full book on that subject. I would 
like to point out, that read access with Sunbird or Thunderbird Lightning is no 
problem (with iCal not even that works, but the very obscure error message seems 
to be related with the certificate). With Sunbird and lightning the problem is 
writing. Hence, I don't think that the CA is an issue there.

regards,
Marcus

Jan Schneider schrieb:
 > Zitat von Marcus Frischherz <marcus at casaberg.at>:
 >
 >>
 >>
 >> Jan Schneider schrieb:
 >>> Zitat von gimili <gimili17 at gmail.com>:
 >>>
 >>>> Jan Schneider wrote:
 >>>>> Zitat von Marcus Frischherz <marcus at casaberg.at>:
 >>>>>
 >>>>>> Hi!
 >>>>>>
 >>>>>> I have now been trying several days to get writing events working from 
sunbird/lightning to kronolith. I am fine within kronolith (on the web page), 
and I am fine reading via sunbird/lightning. I read the Wiki page concerning 
that subject, and the news threads referenced there, but they did not help me.
 >>>>>>
 >>>>>> Basically the client fails when trying to write an event.
 >>>>>>
 >>>>>> For one thing, I don't know whether I need to enable DAV? If yes, I get the
 >>>>>> following error in the access log:
 >>>>>
 >>>>> No. Horde uses it's own WebDAV implementation.
 >>>>>
 >>>>>> If disabled DAV, I get no Apache error, but this in the access log:
 >>>>>> 84.xxx.145.204 - frim [23/Jan/2009:18:48:23 +0100] "GET
 >>>>>> /horde/rpc.php/kronolith/frim.ics HTTP/1.1" 200 2090 "-" "Mozilla/5.0
 >>>>>> (Macintosh; U; Intel Mac OS X; de; rv:1.8.1.18pre) Gecko/20080917 
Sunbird/0.9"
 >>>>>
 >>>>> The patch looks wrong. It should actually rather look like:
 >>>>> /horde/rpc.php/kronolith/frim/frim.ics
 >>>>>
 >>
 >> Well, I tried it now again with that path as well (the documentation and 
wiki mention both paths, and depending on the kronolith version the web 
interface tells me to use one or the other), and used it without WebDAV, but it 
still does not work, this time with a 403 error code in Apache on the PUT and a 
207 for the PROPFIND
 >> I think I had actually tried out in vain every imaginable combination before 
first writing to the list.
 >>
 >> 84.xxx.145.204 - frim [31/Jan/2009:23:45:28 +0100] "GET 
/horde/rpc.php/kronolith/frim/frim.ics HTTP/1.1" 200 2249 "-" "Mozilla/5.0 
(Macintosh; U; Intel Mac OS X; de; rv:1.8.1.19) Gecko/20081209 Lightning/0.9 
Thunderbird/2.0.0.19"
 >> 84.xxx.145.204 - - [31/Jan/2009:23:45:29 +0100] "PUT 
/horde/rpc.php/kronolith/frim/frim.ics HTTP/1.1" 403 688 "-" "Mozilla/5.0 
(Macintosh; U; Intel Mac OS X; de; rv:1.8.1.19) Gecko/20081209 Lightning/0.9 
Thunderbird/2.0.0.19"
 >> 84.xxx.145.204 - frim [31/Jan/2009:23:45:29 +0100] "PROPFIND 
/horde/rpc.php/kronolith/frim/frim.ics HTTP/1.1" 207 271 "-" "Mozilla/5.0 
(Macintosh; U; Intel Mac OS X; de; rv:1.8.1.19) Gecko/20081209 Lightning/0.9 
Thunderbird/2.0.0.19"
 >
 > Are you sure that you have *not* enabled Apache's DAV for the Horde 
directory? The 403 is usually a sign that either resource permissions inside 
Horde are not sufficient, or that the path to the resource is wrong. Are you 
sure that PATH_INFO is enabled for your web server and that you have sufficient 
permissions for that calendar?
 >
Well, WebDAV is turned off for sure. I have not heard before of the necesiity to 
set the AcceptPathInfo directive, but after your mail I tried that out as well 
(I assume I have to set it to On), but it still does not work.
I notice in the log, that the PUT is without a user identification. As far as I 
understand http user authentification, the server should respond with 401, so 
the client then tries to authenticate, but I see 403.

As far as file permissions are concerned: what is required? Obviously all files 
can be read by Apache, what else is needed? The path behind rpc.php is virtual, 
so I cannot set permissions for them.

If there is a description of how to set it up properly I'll happily read it, 
rather than molesting the mailing list...

kind regards,
Marcus