Re: [Evolution] Evolution Caldav SSO Access via GSSAPI/Kerberos - again

Dear Milan, 

may I return to the issue GSSAPI connection to a Caldav server (sorry
for the delay - it took some time for well prepared testing).

It still does not work. 

Now I have carefully built the recent complete evolution suite from* (version 3.43.1)
according to

Then I have created a calendar connection as usual from evolution.

I have modified the Authentication section of the .source file:

   Method=plain/password -> Method=GSSAPI

and it looks like this:


I have shut down the complete evolution eco system (including all
servers - really, checked this). I requested debugging for the calendar subsystem:

   CALDAV_DEBUG=1 $PREFIX/libexec/evolution-calendar-factory -w >& /tmp/evo-cal.log &

and launched them again.

The log file shows the authentication options the server is
advertising ("Negotiate" is what we need for GSSAPI):

< HTTP/1.1 401 Unauthorized
< Soup-Debug-Timestamp: 1636037476
< Soup-Debug: SoupMessage 1 (0x7f5f103c68b0)
< Date: Thu, 04 Nov 2021 14:51:16 GMT
< Server: Apache
< WWW-Authenticate: Negotiate
< WWW-Authenticate: Basic realm="User Login"
< Vary: accept-language,accept-charset
< Accept-Ranges: bytes
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=utf-8
< Content-Language: de

but the client insists in using the Basic authentication, even if that

OPTIONS /caldav.php/me/calendar/ HTTP/1.1
Soup-Debug-Timestamp: 1636037476
Soup-Debug: EWebDAVSession 1 (0x7f5f100557c0), SoupMessage 1 (0x7f5f103c6e50), SoupSocket 2 
(0x7f5f103c97a0), restarted
Host: exp-cal
User-Agent: Evolution/3.43.1
Connection: close
Cache-Control: no-cache
Pragma: no-cache
Accept-Encoding: gzip, deflate
Accept-Language: de-de, de;q=0.9
Authorization: Basic [me:*********]

the server replies:
< HTTP/1.1 401 Unauthorized
< Soup-Debug-Timestamp: 1636037476

I would have expected that at least after fail the client should do a next try
with negotiate authorization (like a browser would do). It does not.

The server operates correctly. I have checked this using curl:

      curl -o foo.vcs  --negotiate -u : http://cal/caldav.php/me/calendar/

That works as expected (wireshark shows that Negotiate is used). 

Is there any idea what I am doing wrong?

Thanks a lot for any advice and

best regards


Torsten Finke
torsten finke igh de

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]