- From: Kevin Wiggen <kwiggen@xythos.com>
- Date: Thu, 15 Mar 2007 08:38:49 -0800
- To: <keenriser@planet.nl>, "Konstantin Breu" <Konstantin.Breu@gmx.net>
- Cc: <w3c-dist-auth@w3.org>
Fun with Vista. I am running Ultimate on my MAC!!!! :)
Mount with http://zerg/testser
One thread seems to do the options to /
OPTIONS / HTTP/1.1
translate: f
User-Agent: Microsoft-WebDAV-MiniRedir/6.0.6000
Host: zerg
Content-Length: 0
Connection: Keep-Alive
To this my server sends 401. The client sends the exact same OPTONS request 8 times, every time Xythos responds:
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
WWW-Authenticate: BASIC realm="zerg"
WWW-Authenticate: Digest realm="zerg", stale=false, nonce="a9f913cb2047d78006409618d3c41f77", qop="auth", algorithm="MD5"
Cache-Control: no-cache
Pragma: no-cache
Date: Thu, 15 Mar 2007 15:52:29 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 187
<html><title>Error 401</title><body>
Error: 401
<BR><H1>Forbidden</H1><BR>That action is not authorized. Please ensure that you are authenticated.<BR>
<p><p></p></p>
</body></html>
Finally a OPTIONS comes in that sends security:
OPTIONS / HTTP/1.1
translate: f
User-Agent: Microsoft-WebDAV-MiniRedir/6.0.6000
Host: zerg
Authorization: Digest username="testuser",realm="zerg",nonce="3e55e2b07924328e3e8c8c1510153347",uri="/",cnonce="11b27b4c6344cb7fc960b188486eb50e",nc=00000001,algorithm=MD5,response="2795d64e41bdac842e366f80292f33d6",qop="auth"
Connection: Keep-Alive
Content-Length: 0
And we respond with a 207:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: XythosSessionID1=[B@8ab08f-1143118060; Expires=Fri, 16-Mar-2007 15:52:37 GMT; Path=/
DAV: 1,2, access-control, ticket, version-control
MS-Author-Via: DAV
Allow: OPTIONS, PROPFIND, PROPPATCH, LOCK, UNLOCK, DELETE, GET, HEAD, MOVE, COPY, ACL, SEARCH
DASL: <DAV:basicsearch>
Accept-Ranges: bytes
Xythos-WFS-Version: Xythos WebFile Server 6.0.43.2
Content-Type: text/html
Content-Length: 0
Date: Thu, 15 Mar 2007 15:52:36 GMT
Then in a different thread (or at least socket connection) the PROPFINDS start coming
PROPFIND /testuser HTTP/1.1
Content-Length: 0
Depth: 0
translate: f
User-Agent: Microsoft-WebDAV-MiniRedir/6.0.6000
Host: zerg
Connection: Keep-Alive
2 of these before it actually sends the security across (so we are 401)
PROPFIND /testuser HTTP/1.1
Content-Length: 0
Depth: 0
translate: f
User-Agent: Microsoft-WebDAV-MiniRedir/6.0.6000
Host: zerg
Connection: Keep-Alive
Authorization: Digest username="testuser",realm="zerg",nonce="fd1c548507916a8357033e683637ecb8",uri="/testuser",cnonce="09531995e94a0c4854bf26b2d8b94588",nc=00000001,algorithm=MD5,response="5f7a62f219add0be995bca7d6d3e21b5",qop="auth"
To which we give the 207
HTTP/1.1 207 Multi-Status
Server: Apache-Coyote/1.1
Set-Cookie: XythosSessionID1=[B@8ab08f-1143118060; Expires=Fri, 16-Mar-2007 15:52:37 GMT; Path=/
Date: Thu, 15 Mar 2007 15:52:36 GMT
Content-Type: text/xml;charset=UTF-8
Content-Length: 1227
<?xml version="1.0" encoding="utf-8" ?>
<D:multistatus xmlns:D="DAV:" xmlns:XS="http://www.w3.org/2001/XMLSchema" xmlns:XSI="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:b="urn:uuid:c2f41010-65b3-11d1-a29f-00aa00c14882/" >
<D:response xmlns:ns-1="http://www.xythos.com/namespaces/StorageServer">
<D:href>http://zerg/testuser/</D:href>
<D:propstat>
<D:prop>
<D:creationdate b:dt="dateTime.tz">2007-02-13T00:54:06Z</D:creationdate>
<D:lockdiscovery></D:lockdiscovery>
<D:displayname><![CDATA[testuser]]></D:displayname>
<D:resourcetype><D:collection/></D:resourcetype>
<D:getlastmodified b:dt="dateTime.rfc1123">Wed, 21 Feb 2007 21:45:08 GMT</D:getlastmodified>
<D:supportedlock><D:lockentry><D:lockscope><D:exclusive/></D:lockscope><D:locktype><D:write/></D:locktype></D:lockentry><D:lockentry><D:lockscope><D:shared/></D:lockscope><D:locktype><D:write/></D:locktype></D:lockentry></D:supportedlock>
<ns-1:sharefromstestuser_x0040_1_x003a_1001 XSI:type="XS:string"><![CDATA[]]></ns-1:sharefromstestuser_x0040_1_x003a_1001>
</D:prop>
<D:status>HTTP/1.1 200 OK</D:status>
</D:propstat>
</D:response>
</D:multistatus>
It then does a PROPFIND to /
PROPFIND / HTTP/1.1
Content-Length: 0
Depth: 0
translate: f
User-Agent: Microsoft-WebDAV-MiniRedir/6.0.6000
Host: zerg
Connection: Keep-Alive
Cookie: XythosSessionID1=[B@8ab08f-1143118060
Well 2 actually which you must 207 (its very similar to what we do above)
It then does a series of PROPFINDS to / and /testuser which we 207 like we do above.
The mount exists. I have seen the problem where I am attempting to mount a location like /testuser/foo/bar where the user does NOT have the security set to PROPFIND / AND /testuser AND /testuser/foo AND /testuser/foo/bar. If this is the case as the server does not send a nice 207 to the client for ANY of those parent directories including / the mount FAILS. This is what my posts to the newsgroups spoke about. I can give a LOT of reasons why a client would not be able to do this, and discussed this with MS but have not been given a response on if/when this would be fixed.
Interesting that when I tried
\\zerg\testuser it never sent an OPTIONS or a PROPFIND to /. I am not sure if this is because it somehow has the OPTIONS cached. I killed all of my IE windows (even though that doesn't mean as much in Vista) and my windows explorer windows and tried again and only saw a PROPFIND to /testuser
Interesting to note that this other model must run on port 80 or 443, at least \\zerg:9999\testuser did not work.
I then created a folder /foo/bar/fee to which testuser only has access to the fee folder and NOT its parents (this fails with the http://zerg/testuser/foo/bar/fee mount as explained above).
I then tried \\zerg\foo\bar\fee and even before I hit return (after I typed \\zerg\foo\) it does a PROPFIND to /foo (which my server 404s due to security). It then does a series of PROPFINDs to / and /foo before it fails without mounting. So I am not sure what this other syntax does except for not doing the OPTIONS request with a different socket, the PROPFIND requests seem to be the same. I guess getting rid of the OPTIONS to / is something :)
I also read the posts you spoke about and it SCARES me when MS employees (at least people pretending to be MS employees) state:
>>> Having said that, there shouldn't be any need to install WebFolders since
>>> the WebDAV redirector has replaced all functionality provided by the
>>> WebFolders. The only thing that WebDAV redirector doesn't support (that
>>> WebFolders DID support) was being able to access WebDAV servers that don't
>>> support OPTIONS at their root.
This is NOT true. While the OPTIONS to root is a problem, the client also needs to PROPFIND all parent directories which in many cases (security, not having the webdav mount point at root, etc) is not true. I didn't take the time to point this out to Walter as I am late and now need to run to work.
Hope this helps,
Kevin
-----Original Message-----
From: w3c-dist-auth-request@w3.org [mailto:w3c-dist-auth-request@w3.org] On Behalf Of keenriser@planet.nl
Sent: Thursday, March 15, 2007 3:55 AM
To: Konstantin Breu
Cc: Kevin Wiggen; w3c-dist-auth@w3.org
Subject: Re: AW: WebDAV with Windows Vista
Hi,
I looked around on the web a bit and found a workaround that might work:
http://www.schiller.cc/blog/2007/01/29/bug-in-vistas-webdav-implementation
The steps:
1. Go to "Add a Network Location..."
2. Insert your webdav ressource in the following format:
"\\mywebdav.server@SSL\dav", insert (if applicable) your username by
"Connect using a different username" - and now, your shared folder
should appear :)
Hope it helps :)
Regards,
Erik
----- Oorspronkelijk bericht -----
Van: Konstantin Breu <Konstantin.Breu@gmx.net>
Datum: donderdag, maart 15, 2007 10:24 am
Onderwerp: AW: WebDAV with Windows Vista
>
> Hello,
>
> > http://www.vista64.net/forums/vista-general/21946-webdav-web-
> folder-clie
> > nt-msdaipp-dll-supported-vista.html
>
> I have posted there now, too:
> http://www.vista64.net/forums/vista-general/48154-webdav-support.html
> I tried all workarounds posted in the forum in different topics.
> None of
> them worked with my test client...
>
> My first tests were with Vista Business - there I did not see any
> clientserver requests when trying to get the network resource
> connection to the
> webdav site. This was different with Vista Ultimate. There the
> client did
> requests, but then still could not create the connection. I've done
> the test
> now also with the webdav function offered by Apache Tomcat. It's
> just the
> same. It works when the client is running at Windows XP, it does
> not work
> with client running Vista...
>
> Btw, they have a similar "Windows client workaround" like my webdav
> server:http://issues.apache.org/bugzilla/show_bug.cgi?id=40160
>
> Well now... according to the answers in this list it works at some
> Vistaclients of some persons. But when looking to the webdav
> questions at
> http://www.vista64.net it does not work at every client. I will try
> now to
> get better information from Microsoft support (to get some answer
> like "we
> know the problem, it will be fixed with patch xyz"). Is anyone in
> this list
> interested in that? Then I will post it here.
>
> Cheers,
> Konstantin
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: w3c-dist-auth-request@w3.org [mailto:w3c-dist-auth-
> request@w3.org] Im
> Auftrag von Kevin Wiggen
> Gesendet: Dienstag, 13. März 2007 18:37
> An: Konstantin Breu; w3c-dist-auth@w3.org
> Betreff: RE: WebDAV with Windows Vista
>
>
> Basically MS removed the "webfolders" client in Vista and now only has
> the mini-redirector (XP had BOTH and different version depending on
> whether Office was installed).
>
> http://www.vista64.net/forums/vista-general/21946-webdav-web-folder-
> client-msdaipp-dll-supported-vista.html
>
> There are 2 shortcomings of the redirector spoken about here (note
> thatthis is just to get the client to connect, once its connected I
> cannotspeak to other problems):
>
> 1) The client requires the ability to OPTION / (not always true)
> 2) The client will try to walk the chain from / to the mount point
> (there are many reasons the client couldn't do this including
> security).
>
> However if I try to mount /Kevin on a server (and have access to do
> so),it will connect.
>
> Also interesting that some of my follow-up comments were deleted from
> the forum. I guess someone didn't like the extended information I
> gave:)
>
> Kevin
>
> -----Original Message-----
> From: w3c-dist-auth-request@w3.org [mailto:w3c-dist-auth-
> request@w3.org]On Behalf Of Konstantin Breu
> Sent: Tuesday, March 13, 2007 6:46 AM
> To: w3c-dist-auth@w3.org
> Subject: WebDAV with Windows Vista
>
>
> Hello,
>
> @Mac/Linux users: I am sorry for asking **windows** specific questions
> here.
> Just stop reading... ;-)
>
> I have a WebDAV server (J2EE based), there is no problem to use it
> withWindows Explorer (via Network Resource), Internet Explorer (via
> openpage as
> Web folder), Office 2003/2007 when using Windows XP SP2.
>
> But so far I did not have any success when trying the same with
> WindowsVista. Windows Explorer cannot create the connection (but it
> is doing
> requests to the server), Internet Explorer only offers to open it
> as web
> page (GET). Office 2007 also only does GET, when I try to access the
> folders
> an files in the file open dialog. If I enter there a folder address
> (http://.....), it then does a GET against that address, and opens
> thatas
> "document" in Word etc...
>
> My question to the list: is there somebody, who was able to use
> WindowsExplorer/Internet Explorer/Office 2007 (or an older version)
> withWindows
> Vista as WebDAV client? Are there special settings for the client
> side,or
> additional installations, which I have to do? Or are there some
> additional
> requirements for the server, which Vista needs? (for example
> support of
> some
> Properties, Http headers, Authentication method,...) You could also
> sendme
> communication logs, if your server works with Vista, and you do not
> knowwhy.... ;)
>
> If there is somebody, who has the same problem: you can also drop
> me a
> line,
> then I could give you some hints when I have found out more... Of
> courseI
> also searched in the internet for information... I found
> descriptions of
> such problems, some people were describing workarounds, but so far
> theseworkarounds did not help me...
>
> I will also get into contact with Microsoft support, but this will
> takesome
> longer time, as I or my chief will have to pay for it. I will also do
> tests
> with other clients (for example WebDrive), and other servers (for
> example
> Slide, Tomcat), to see how they are working when the client OS is
> Vista...
>
> Cheers,
> Konstantin
>
> P.S. I was testing so far with Vista Business, but I have access to
> allversions.
>
>
>
>
>
>
>
Received on Thursday, 15 March 2007 16:39:44 UTC