Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Interoperability with Sharepoint on Office 365 #9103

Closed
cyberduck opened this issue Nov 5, 2015 · 9 comments
Closed

Interoperability with Sharepoint on Office 365 #9103

cyberduck opened this issue Nov 5, 2015 · 9 comments
Assignees
Labels
duplicate feature webdav WebDAV Protocol Implementation
Milestone

Comments

@cyberduck
Copy link
Collaborator

5a284c8 created the issue

When I try to connect to my company's Sharepoint hosted on Office 365, I get "403 FORBIDDEN". I had the IT manager check settings and try to fiddle with a few things as well, but nothing changed that error.

Searching online, it seems like there may be some terminal commands to show hidden options to get Sharepoint on Office 365 to work (since it's IWA), but it's not entirely clear.

I asked on Twitter whether Cyberduck is supposed to support Sharepoint like this and was told yes, and when I followed up with this issue, I was asked to submit a support ticket with the log drawer, which is below:

HEAD / HTTP/1.1
Host: gencon.sharepoint.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.7.3.18402 (Mac OS X/10.11.1) (x86_64)
Accept-Encoding: gzip,deflate
Authorization: Basic ZGVyZWsuZ3VkZXJAZ2VuY29uLmNvbTpTdW1tZXIyMDE1
HTTP/1.1 403 FORBIDDEN
Content-Length: 13
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/8.5
X-SharePointHealthScore: 0
SPRequestGuid: 54af3e9d-d03b-2000-09e6-f7ec7ac089b7
request-id: 54af3e9d-d03b-2000-09e6-f7ec7ac089b7
X-Forms_Based_Auth_Required: https://gencon.sharepoint.com/_forms/default.aspx?ReturnUrl=/_layouts/15/error.aspx&Source=/
X-Forms_Based_Auth_Return_Url: https://gencon.sharepoint.com/_layouts/15/error.aspx
X-MSDAVEXT_Error: 917656; Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically.
X-IDCRL_AUTH_PARAMS_V1: IDCRL Type="BPOSIDCRL", EndPoint="/_vti_bin/idcrl.svc/", RootDomain="sharepoint.com", Policy="MBI"
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.4608
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Thu, 05 Nov 2015 17:53:44 GMT
PROPFIND / HTTP/1.1
Depth: 1
Content-Type: text/xml; charset=utf-8
Content-Length: 99
Host: gencon.sharepoint.com
Connection: Keep-Alive
User-Agent: Cyberduck/4.7.3.18402 (Mac OS X/10.11.1) (x86_64)
Accept-Encoding: gzip,deflate
Authorization: Basic ZGVyZWsuZ3VkZXJAZ2VuY29uLmNvbTpTdW1tZXIyMDE1
HTTP/1.1 403 FORBIDDEN
Content-Type: text/plain; charset=utf-8
Server: Microsoft-IIS/8.5
X-SharePointHealthScore: 0
SPRequestGuid: 54af3e9d-604d-2000-09e6-f830f60d162b
request-id: 54af3e9d-604d-2000-09e6-f830f60d162b
X-Forms_Based_Auth_Required: https://gencon.sharepoint.com/_forms/default.aspx?ReturnUrl=/_layouts/15/error.aspx&Source=/
X-Forms_Based_Auth_Return_Url: https://gencon.sharepoint.com/_layouts/15/error.aspx
X-MSDAVEXT_Error: 917656; Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically.
X-IDCRL_AUTH_PARAMS_V1: IDCRL Type="BPOSIDCRL", EndPoint="/_vti_bin/idcrl.svc/", RootDomain="sharepoint.com", Policy="MBI"
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 16.0.0.4608
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Thu, 05 Nov 2015 17:53:44 GMT
Content-Length: 13

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Looks like a proprietary authentication model that we cannot currently support.

@cyberduck
Copy link
Collaborator Author

5a284c8 commented

I coulda told you that it was non-standard, certainly :)

You might want to let your social media team know, they had informed me that it should work.

I'd also like to lodge a feature request for this support. From what I understand there is a way to work with it now. I'm not sure about the details, but a couple other programs I've been experimenting with said that they were currently working on adding the feature in a future update.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

#6131 closed as duplicate.

@cyberduck
Copy link
Collaborator Author

@ylangisc commented

Unless you have setup Active Directory Federation Services (ADFS), Sharepoint Online exclusively needs Claims-Based Authentication based on WS-Federation which Cyberduck currently does not support. With ADFS configured you can authenticate through NTLM which Cyberduck supports. There is currently no Java library supporting Claims-Based Authentication against Sharepoint Online. A few resources that could help to implement it in Java:

@cyberduck
Copy link
Collaborator Author

@cyberduck
Copy link
Collaborator Author

@dkocher commented

We will provide support by integrating support for OneDrive.

The OneDrive API is available for OneDrive, OneDrive for Business, SharePoint, and SharePoint Server 2016.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

See also #9799.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Will be resolved with #9799.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

See also #10115.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
duplicate feature webdav WebDAV Protocol Implementation
Projects
None yet
Development

No branches or pull requests

2 participants