Automatic service discovery by e-mail with preemptive authentication?



  • It's a nice to have, either way I'm posting it.

    DAVdroid synchronization is working fine, when I add a DAVdroid account by manually enter the URL and the user name (second option). I'd really like to profit from the automatic service discovery (only enter e-mail and password and let's go!), but unfortunately this is not working.

    I set up a radicale server behind and apache wsgi "proxy" and I set up correctly the SRV and TXT record for automatic discovery. the caldav and carddav url in my case is for now https://radicalewebserver/cal/. accessing the caldav server with curl works as expected. current-user-principal is https://radicalewebserver/cal/user/.

    curl -i ${URL}${USER}/ -X PROPFIND -u "$USER:$PW" -H 'Depth: 0' -d '<propfind xmlns="DAV:"><prop><CD:addressbook-home-set xmlns:CD="urn:ietf:params:xml:ns:carddav"/><C:calendar-home-set xmlns:C="urn:ietf:params:xml:ns:caldav"/></prop></propfind>'

    answer of curl request: http://pastebin.com/sANfWH30

    It seems to me that the automatic service discovery by only entering the email and password doesn't do a preemptive authentication, but in my scenario the user needs to authenticate for successfully accessing https://radicalewebserver/cal/, what i need to get a valid current-user-principal.

    davdroid debug log: http://pastebin.com/p5idfK65

    https://tools.ietf.org/html/rfc6764#page-5 says To facilitate "context paths" that might differ from user to user, the server MAY require authentication when a client tries to access the ".well-known" URI (i.e., the server would return a 401 status response to the unauthenticated request from the client, then return the redirect response only after a successful authentication by the client).

    So isn't that something which should be implemented? Or am I doing something wrong?


Log in to reply
 

Looks like your connection to Bitfire App Forums was lost, please wait while we try to reconnect.