Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Login forbidden error #7461

Closed
cyberduck opened this issue Sep 26, 2013 · 8 comments
Closed

Login forbidden error #7461

cyberduck opened this issue Sep 26, 2013 · 8 comments
Assignees
Labels
bug thirdparty Issue caused by third party webdav WebDAV Protocol Implementation
Milestone

Comments

@cyberduck
Copy link
Collaborator

2f621bc created the issue

Hi,

if trying to connect to the WebDAV folder, I get a forbidden error. This works with the same configuration in 4.2.1 like a charm, but with 4.3.1 and the latest build it fails.

  • Log:
HEAD /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 403 Forbidden
Date: Thu, 26 Sep 2013 21:07:43 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: BC_HA_c111016a43948563_1107287B=43F046; Domain=.amer.csc.com; expires=Thu, 26-Sep-13 23:09:43 GMT; Path=/
PROPFIND /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Depth: 1
Content-Type: text/xml; charset=utf-8
Content-Length: 0
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
Cookie: BC_HA_c111016a43948563_1107287B=43F046
Cookie2: $Version=1
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 403 Forbidden
Date: Thu, 26 Sep 2013 21:07:44 GMT
Server: Apache
Content-Length: 726
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: BC_HA_c111016a43948563_1107287B=43F046; Domain=.amer.csc.com; expires=Thu, 26-Sep-13 23:09:44 GMT; Path=/

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Please post the transcript from a connection using 4.2.1 for comparison.

@cyberduck
Copy link
Collaborator Author

2f621bc commented

PROPFIND /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Depth: 1
Content-Type: text/xml; charset=utf-8
Content-Length: 99
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.2.1 (Mac OS X/10.8.5) (i386)
HTTP/1.1 401 Authorization Required
Date: Sat, 28 Sep 2013 08:33:53 GMT
Server: Apache
WWW-authenticate: basic realm="AMER CSC Docs WebDAV Component"
Content-Length: 29
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: SMCHALLENGE=YES; path=/; domain=.csc.com
Set-Cookie: BC_HA_c111016a43948563_1107287B=44B6E1; Domain=.amer.csc.com; expires=Sat, 28-Sep-13 10:35:53 GMT; Path=/
Proxy-support: Session-based-authentication
PROPFIND /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Depth: 1
Content-Type: text/xml; charset=utf-8
Content-Length: 99
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.2.1 (Mac OS X/10.8.5) (i386)
Cookie: BC_HA_c111016a43948563_1107287B=44B6E1; SMCHALLENGE=YES
Cookie2: $Version=1
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 207 Multi-Status
Date: Sat, 28 Sep 2013 08:33:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 621
Content-Type: text/xml;charset=UTF-8
Cache-Control: private, max-age=60, proxy-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Set-Cookie: SMCHALLENGE=; expires=Mon, 01 Apr 2013 08:33:54 GMT; path=/; domain=.csc.com
Set-Cookie: SMSESSION=6Q7IX+5kZcTQ6XhzIs1gv4f/Gs4A3SkBPkWfCEK+xfQqgdar7W9jJwr6+QpevzPvDkMixr1CaeHnSMguzWhpnc8AVBVe5eMf094J14LQG6kQFsjLwwz/iOdHHVvhVhtzk3FJfVhltNijLZPGHUrgRAFDAzqzBiVGNS0qntwehIDETS8hxPZEo0LrgiHfR4bQi5ZUZWggRJFPHixdIn+aSa088OHhsiQoYGqEZjmpKql4Y0xf0cMpnsNSn26bZiHxuwYkErEycHiSynEgVla7fyStVgj1C4H4BgSZft0KUF4d7e7NZvLaj6gnwK+RhgWfJw4efLClMTSkjwLFkFjiDLkmJlEsafcaciAWqYf5d9GmplSQOw9LCIfDrWcVk+kiQL9NPsDrkkgvYeFK/J3T+F3L5rjKw0Abm6tXQ/l2eHodTCnUKs9Jb1oPbaAqvGEZexu6U5OlHU/qx91wRv+BVk2FkEVgM5MN7F+3R4PegMVMY1gBkjtkqqY3NaXBuIP+tnl0z1siAOIcPA054+X64Y6bc57oUwCGqG/fRcQG233xQaHYGqYcvcbsS6XANo6fOl4a3HMgNFGar8sqTlO7Q1dvK7+3eSgjcko2Px6PAAXjbHIVM+4nAxQWLVKvbT7hatXJZGYzGzkDbvPwhjae/5+cZj6rTxh/HAemePpu/Y3Kzo+ndRJrYG6RxB1/JYc5IHOp5f3P6LGJKEXq+2t0HjqDz45lpawOnP3Twf/3I8gpSSjVZyOC/ocllY6JDjjx/ou4nrSjhUcKxeNvapfcLYzknMLY4XxKKsZeWGAXhZbrTKhlZHdOeiCdHm4MPWD0Qob9OCTMY4LFyiaig1p4zbMwf6VktHB0p4rWp3jf/yK1MVXyUBgHA64cDQ1IWvqkalrr29vnKDgDNbiA9+au+viNNw8ETWPLh70zOYhSuU0WAORsuANffzMuH69ZHUhUfKOpQAeXOCttq/ZR1Ns8iIMnPgYrZoMTMWSHp0eX67grjb+Dzs1yZhPDpeFyN2zYxNE2+Cil/naVjVJWUM42VItovruTqW0SBMPkvlmpdktliuuUrzdDgJgcbqCvKwWh0rSekLOS+L5pX7Pc57+2arQiDFPPPusj; path=/; domain=.csc.com
Set-Cookie: JSESSIONID=D5959664AE137D9E79DC198AAA8DD81D.tomcat1; Path=/
Set-Cookie: BC_HA_c111016a43948563_1107287B=44B6E1; Domain=.amer.csc.com; expires=Sat, 28-Sep-13 10:35:54 GMT; Path=/

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Possible fix in 170151d.

@cyberduck
Copy link
Collaborator Author

2f621bc commented

The login seems to work with the latest nightly build, but then the listing of the content fails.

HEAD /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 403 Forbidden
Date: Mon, 30 Sep 2013 07:34:52 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: BC_HA_c111016a43948563_1107287B=453E37; Domain=.amer.csc.com; expires=Mon, 30-Sep-13 09:36:51 GMT; Path=/
PROPFIND /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Depth: 1
Content-Type: text/xml; charset=utf-8
Content-Length: 99
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
Cookie: BC_HA_c111016a43948563_1107287B=453E37
Cookie2: $Version=1
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 403 Forbidden
Date: Mon, 30 Sep 2013 07:34:52 GMT
Server: Apache
Content-Length: 726
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: BC_HA_c111016a43948563_1107287B=453E37; Domain=.amer.csc.com; expires=Mon, 30-Sep-13 09:36:52 GMT; Path=/

@cyberduck
Copy link
Collaborator Author

@dkocher commented

I can see no difference in the PROPFIND request with the basic Authorization header present between version 4.2.1 and 4.4. The difference is only the cookie value (expected) and user agent.

 Content-Length: 99
 Host: docs.amer.csc.com
 Connection: Keep-Alive
-User-Agent: Cyberduck/4.2.1 (Mac OS X/10.8.5) (i386)
-Cookie: BC_HA_c111016a43948563_1107287B=44B6E1; SMCHALLENGE=YES
+User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
+Cookie: BC_HA_c111016a43948563_1107287B=453E37
 Cookie2: $Version=1
 Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih

Please report this issue to Alfresco.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

My educated guess is that because we send the cookie obtained from the previous failing HEAD request authentication is failing although the credentials are valid.

@cyberduck
Copy link
Collaborator Author

2f621bc commented

Hi,

I guess yesterday I did a retry in between. The following log is taken directly after trying to map the share. The same configuration works flawless in 4.2.1

HEAD /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 403 Forbidden
Date: Tue, 01 Oct 2013 06:44:33 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: BC_HA_c111016a43948563_1107287B=462264; Domain=.amer.csc.com; expires=Tue, 01-Oct-13 08:46:33 GMT; Path=/
PROPFIND /alfresco/webdav/Collaboration%20Home/Private/By%20name%20Z/Zurich%20ECM%20CoE/ECMaaS/ HTTP/1.1
Depth: 1
Content-Type: text/xml; charset=utf-8
Content-Length: 99
Host: docs.amer.csc.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.4 (Mac OS X/10.8.5) (x86_64)
Cookie: BC_HA_c111016a43948563_1107287B=462264
Cookie2: $Version=1
Authorization: Basic Ym5lc3RsZXI6TTBuc3RlcjA4X2Ih
HTTP/1.1 403 Forbidden
Date: Tue, 01 Oct 2013 06:44:33 GMT
Server: Apache
Content-Length: 726
Content-Type: text/html; charset=iso-8859-1
Cache-Control: proxy-revalidate
Connection: Keep-Alive
Set-Cookie: BC_HA_c111016a43948563_1107287B=462264; Domain=.amer.csc.com; expires=Tue, 01-Oct-13 08:46:33 GMT; Path=/

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Please reopen with feedback from Alfresco support regarding the issue.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug thirdparty Issue caused by third party webdav WebDAV Protocol Implementation
Projects
None yet
Development

No branches or pull requests

2 participants