[kronolith] Kronolith / sabredav: No basic authentication headers found

Michael J Rubinsky mrubinsk at horde.org
Fri May 15 14:35:38 UTC 2015


Quoting lst_hoe02 at kwsoft.de:

> Zitat von Michael J Rubinsky <mrubinsk at horde.org>:
>>
>>> Quoting lst_hoe02 at kwsoft.de:
>>>
>>>> Zitat von Michael J Rubinsky <mrubinsk at horde.org>:
>>>>
>>>> If CalDAV requests are truly stateless we should use probably be   
>>>> using the null session driver (session_control='none') for those   
>>>> requests.
>>>
>>> Is this a configuration setting or code changes needed? And would   
>>> this prevent Horde from sending a cookie reply to the unaware  
>>> client?
>>
>> Code changes in rpc.php. If you want to try it locally, look at how  
>>  the ActiveSync request is handled in rpc.php.
>>
>> I don't think it prevents all of the cookies from being sent (we   
>> have to initiate a true session very briefly in order to obtain a   
>> session id for various technical reasons that I won't go into  
>> here),  but it does reduce the overhead of maintaining the full  
>> Horde session.
>
> After poking around here http://janschneider.de/news/5/344 i dont'n  
> feel like i should poke around with session/authentication...
> Is it possible to get this fixed as "sponsored work" somehow? It is  
> really a bummer if one is going to use CalDAV seriously.

Setting the session handler to null is really easy, you don't need to  
poke around in authentication code at all. All the heavy lifting is  
already taken care of in Core. Look at the rpc.php controller script  
for how the ActiveSync requests are handled. It's really just a matter  
of making sure the session_control flag is set to none inside the  
conditional that sniffs out the calDav request.

If using the null session handler doesn't solve what your looking to  
solve, then there really isn't anything else we can do, as we MUST  
have a session id for other reasons within horde.


-- 
mike
The Horde Project
http://www.horde.org
https://www.facebook.com/hordeproject
https://www.twitter.com/hordeproject
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5869 bytes
Desc: S/MIME Signature
URL: <http://lists.horde.org/archives/kronolith/attachments/20150515/2d2c9528/attachment.bin>


More information about the kronolith mailing list