[kronolith] Kronolith as CalDAV Client - r/w access?

Marcus Frischherz marcus at casaberg.at
Mon Mar 30 21:53:50 UTC 2009



Andras Galos schrieb:

> 
> Php scripts can also return HTTP error codes (http://php.net/header), 
> but if nothing is in Horde's log, that means to me that the query does 
> not reach Horde at all.
> It looks an Apache misconfiguration or something which prevents the 
> rpc.php script to be run with the PUT method while it runs fine with GET.
> 
well, that's the question. I don't know whether it is Apache or kronolith
sending 403. The problem is, that 403 is wrong. It should be 401.

Quote from Wikipedia:
401 Unauthorized
     Similar to 403 Forbidden, but specifically for use when authentication is
possible but has failed or not yet been provided. See Basic access
authentication and Digest access authentication.
402 Payment Required
     ...
403 Forbidden
     The request was a legal request, but the server is refusing to respond to
it. Unlike a 401 Unauthorized response, authenticating will make no difference.

And what could that misconfiguration be?

...

Heureka, success, I found it. The Apache is configured as safe as possible, and 
had in the default-server these clauses:

      45: <Directory /home/www/*>
       48:   <Limit GET POST OPTIONS PROPFIND>
       49:     Order allow,deny
       50:     Allow from all
         :   </Limit>
       52:   <LimitExcept GET POST OPTIONS PROPFIND>
       53:     Order deny,allow
       54:     Deny from all
         :   </LimitExcept>
         : </Directory>

Only WebDAV enabled directories had other methods (like PUT and DELETE) enabled, 
so when WebDAV was enabled, PUT was so, too, but when I disabled WebDAV again, 
as told here, I didn't leave PUT enabled. So now I added a clause:

      109:   <Directory /home/www/cal>
      112:     <LimitExcept GET POST OPTIONS PROPFIND PUT>
      113:       Order deny,allow
      114:       deny from all
         :     </LimitExcept>
         :   </Directory>

and now it works. So as my Apache webserver configuration is fairly standard, 
the Wiki should just be extended with this hint.

regards,
Marcus



More information about the kronolith mailing list