Add ACL support to webdav

[dkocher]

Original author: [email protected] (November 08, 2011 18:14:57)

Some server support ACL (access control list) extension. It would be useful to us if sardine is able to

1. list the access control list of a specific node (informations inside propfind)
2. patch a node to change it's acl (add/remove right)
3. list the subject node in the server (users / roles / groups / ...)

Original issue: http://code.google.com/p/sardine/issues/detail?id=109

[dkocher]

From [email protected] on November 09, 2011 10:26:27
A patch would be welcome.

[dkocher]

From [email protected] on November 09, 2011 15:26:23
i have none for now :)

Still need to investigate how ACL work behind the scene :)

[dkocher]

From [email protected] on November 09, 2011 16:14:38
for references: http://webdav.org/specs/rfc3744.html

if i find time to implement this for my needs, will upload patch :)

[dkocher]

From [email protected] on November 18, 2011 16:47:10
Here is a first patch that implements the following:

Getting owner / group / ACLs of a specific node. Principals supported are href and property. Just call

public DavAcl Sardine.getAcl(String uri)

[dkocher]

From [email protected] on November 18, 2011 21:03:23
Do you plan to implement a corresponding #setAcl for writing as well?

[dkocher]

From [email protected] on November 18, 2011 22:29:09
Do we need to extend the interface or can't we just add the acl property to DavResource and use Sardine#list?

[dkocher]

From [email protected] on November 18, 2011 22:33:33
In r315. Will leave this open until we have more tests.

[dkocher]

From [email protected] on November 18, 2011 23:48:04
Don't know if i'll have time to implement but missing features are

-> set acl
-> get inherited acl
-> get list of principals
-> get capabilities.

It's not recommanded to add ACL to DavResource, Spec for ACL mandates that server does not return ACL on a "allprop" PROPFIND request, because gathering ACL can be time consuming for server. Whatever you do, you can't in same request get all properties + ACL.

[dkocher]

From [email protected] on November 19, 2011 10:32:20
Thanks for the update. I should read the RFC first myself. Removed in r317.

[dkocher]

From [email protected] on November 21, 2011 14:40:23
Hello,

here is another patch that add support for

-> inherited ACL,
-> protected ACL,
-> property principal
-> D:all D:self D:unauthenticated D:authenticated principals.
-> Setting ACL on a node
-> Getting principalCollectionSet and listing principals in a Collection

[dkocher]

From [email protected] on November 23, 2011 16:55:17
That's a great patchset. What server have you tested against? What server implementations are available?

[dkocher]

From [email protected] on November 23, 2011 21:35:33
Tested against a jakarta-slide DAV server.

I have seen there exists and ACL extension on sourceforge for apache httpd, but did not try to compile / install it.

The http response used by test in handlertest were constructed using documentation and examples from the RFC

[dkocher]

From [email protected] on December 02, 2011 10:32:52
Do you plan on putting my second patch in subversion or do i need to make changes to it?

[dkocher]

From [email protected] on December 07, 2011 14:23:27
I have integrated the patch in my working copy but haven't commited yet because I hoped I could get some solution for testability of the code. We badly need some mock service to test against.

[dkocher]

From [email protected] on December 07, 2011 15:56:53
Maybe run this
http://code.google.com/p/sabredav/wiki/ACL
on a localserver and test against it?
Unfortunately, their implementation is not complete.
Other solution is to run the server against which code was tested: jakarta-slide, which is not longer supported.
Other option: start and run a milton server.
http://milton.ettrema.com/compat/index.html

[dkocher]

From [email protected] on December 07, 2011 15:57:55
am not sure, but maybe milton server could be started locally as part of unit test (pure java webdav server, i don't think it need tomcat and such)

[dkocher]

From [email protected] on December 10, 2011 14:04:28
We are waiting for http://jira.ettrema.com:8080/browse/MIL-101 to be fixed where we can test against until we have a mock service.

[dkocher]

From [email protected] on December 10, 2011 14:04:56
On another note, http://jira.ettrema.com:8080/browse/MIL-100 has been resolved which should allow testing against this implementation.

[dkocher]

From [email protected] on December 10, 2011 14:42:15
Latest patchset commited in r322. Tests pending.

[jcmarfilph]

Hi,

I've tried the 5.0 version but I am getting null Aces value as well as Group and Owner value. Here is the snippet....

    try {
          DavAcl resourceACL = sardine.getAcl(curDir  + "/" + doc.getTitle());              
          if (resourceACL.getAces() != null && resourceACL.getAces().size() <= 0) {
            doc.setAcl("None");
          }
          else {
            for (DavAce davace : resourceACL.getAces()) {
              if (!davace.getInherited().isEmpty()) {
                doc.setAcl(doc.getAcl() + ", Inherited: " + davace.getInherited());
              }

              if (davace.getPrincipal() != null) {
                doc.setAcl(doc.getAcl() + ", Principals: ");
                doc.setAcl(doc.getAcl() + ", " + davace.getPrincipal().getDisplayName() + "-" + davace.getPrincipal().getValue());
              }

              if (davace.getGranted().size() > 0) {
                doc.setAcl(doc.getAcl() + ", Granted: ");
                for (String granted : davace.getGranted()) {
                  doc.setAcl(doc.getAcl() + ", " + granted);
                }
              }

              if (davace.getDenied().size() > 0) {
                doc.setAcl(doc.getAcl() + ", Denied: ");
                for (String denied : davace.getDenied()) {
                  doc.setAcl(doc.getAcl() + ", " + denied);
                }
              }

            }
          }

          if (resourceACL.getGroup() != null) {
              doc.setAcl(doc.getAcl() + ", Group: " + resourceACL.getGroup());
          }

          if (resourceACL.getOwner() != null) {
            doc.setAcl(doc.getAcl() + ", Owner: " + resourceACL.getOwner());
          }
        } catch (IOException e) {

          if (logger.isErrorEnabled()) {
            logger.error("Error while getting ACL of resource", e);
          }

        }

Here are my Maven dependencies...

<dependency>
  <groupId>com.github.lookfirst</groupId>
  <artifactId>sardine</artifactId>
  <version>5.0</version>
</dependency>
<dependency>
  <groupId>org.apache.httpcomponents</groupId>
  <artifactId>httpcore</artifactId>
  <version>4.2.4</version>
</dependency>
<dependency>
  <groupId>org.apache.httpcomponents</groupId>
  <artifactId>httpclient</artifactId>
  <version>4.2.4</version>
</dependency>

Pulling out resource is working fine...
List resources = sardine.list(curDir);

Is there something that I need to do other than executing the sardine.getAcl?

TIA

[lookfirst]

I'm not sure if it'll help at all but 5.0.1 is the latest version.

[jcmarfilph]

Thanks for replying back.

I've tried 5.0.1 and I am still getting null Aces. Just an additional question, do I need admin permission to pull-out ACL?

Right now the service account has Contributor right only.

Thanks again.

[lookfirst]

Just an additional question, do I need admin permission to pull-out ACL?

That isn't a Sardine question, but I suspect that you'll need some sort of access to do so, otherwise you will probably get nulls.

[jcmarfilph]

Ok so I've tried an admin account just to see if that will help but it didn't. I can't even get the Owner or the Group where it belongs.

I would appreciate if you or someone can share a piece of code (that worked properly) to get/list the ACL of a SharePoint resource.

TIA.

[dkocher]

Post the HTTP wire log and we can see if the ACLs are present and add a test case to fix this if it is an issue in the Sardine code base that ACLs aren't parsed correctly.

[jcmarfilph]

Here the wire log after executing just sardine.getAcl. You will see that I am getting a mixture of status codes here...

401, then 207 then 200. You can that on the last few lines, it has 200 status code but the MultiStatus data is empty.

Note: I stripped off the random characters.....

DEBUG [org.apache.http.impl.client.DefaultHttpClient] Stale connection check
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
DEBUG [org.apache.http.client.protocol.RequestTargetAuthentication] Target auth state: UNCHALLENGED
DEBUG [org.apache.http.client.protocol.RequestProxyAuthentication] Proxy auth state: UNCHALLENGED
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Attempt 1 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: PROPFIND /sites/TEST/default.aspx HTTP/1.1
DEBUG [org.apache.http.wire] >> "PROPFIND /sites/TEST/default.aspx HTTP/1.1[\r][\n]"
DEBUG [org.apache.http.wire] >> "Depth: 0[\r][\n]"
DEBUG [org.apache.http.wire] >> "Content-Type: text/xml; charset=utf-8[\r][\n]"
DEBUG [org.apache.http.wire] >> "Content-Length: 124[\r][\n]"
DEBUG [org.apache.http.wire] >> "Host: teamspace.company.com[\r][\n]"
DEBUG [org.apache.http.wire] >> "Connection: Keep-Alive[\r][\n]"
DEBUG [org.apache.http.wire] >> "User-Agent: Apache-HttpClient/4.2.4 (java 1.5)[\r][\n]"
DEBUG [org.apache.http.wire] >> "[\r][\n]"
DEBUG [org.apache.http.headers] >> PROPFIND /sites/TEST/default.aspx HTTP/1.1
DEBUG [org.apache.http.headers] >> Depth: 0
DEBUG [org.apache.http.headers] >> Content-Type: text/xml; charset=utf-8
DEBUG [org.apache.http.headers] >> Content-Length: 124
DEBUG [org.apache.http.headers] >> Host: teamspace.company.com
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.2.4 (java 1.5)
DEBUG [org.apache.http.wire] >> ""
DEBUG [org.apache.http.wire] << "HTTP/1.1 401 Unauthorized[\r][\n]"
DEBUG [org.apache.http.wire] << "Server: Microsoft-IIS/7.5[\r][\n]"
DEBUG [org.apache.http.wire] << "SPRequestGuid: 3ba09acf-cbce-4d13-b4f5-492242cd6e1d[\r][\n]"
DEBUG [org.apache.http.wire] << "WWW-Authenticate: Negotiate[\r][\n]"
DEBUG [org.apache.http.wire] << "WWW-Authenticate: NTLM[\r][\n]"
DEBUG [org.apache.http.wire] << "X-Powered-By: ASP.NET[\r][\n]"
DEBUG [org.apache.http.wire] << "MicrosoftSharePointTeamServices: 14.0.0.6131[\r][\n]"
DEBUG [org.apache.http.wire] << "X-MS-InvokeApp: 1; RequireReadOnly[\r][\n]"
DEBUG [org.apache.http.wire] << "Date: Thu, 08 Aug 2013 19:24:32 GMT[\r][\n]"
DEBUG [org.apache.http.wire] << "Content-Length: 0[\r][\n]"
DEBUG [org.apache.http.wire] << "[\r][\n]"
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << HTTP/1.1 401 Unauthorized
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/7.5
DEBUG [org.apache.http.headers] << SPRequestGuid: 3ba09acf-cbce-4d13-b4f5-492242cd6e1d
DEBUG [org.apache.http.headers] << WWW-Authenticate: Negotiate
DEBUG [org.apache.http.headers] << WWW-Authenticate: NTLM
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << MicrosoftSharePointTeamServices: 14.0.0.6131
DEBUG [org.apache.http.headers] << X-MS-InvokeApp: 1; RequireReadOnly
DEBUG [org.apache.http.headers] << Date: Thu, 08 Aug 2013 19:24:32 GMT
DEBUG [org.apache.http.headers] << Content-Length: 0
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Authentication required
DEBUG [org.apache.http.impl.client.DefaultHttpClient] teamspace.company.com:80 requested authentication
DEBUG [org.apache.http.impl.client.TargetAuthenticationStrategy] Authentication schemes in the order of preference: [negotiate, Kerberos, NTLM, Digest, Basic]
DEBUG [org.apache.http.impl.auth.SPNegoScheme] Received challenge '' from the auth server
DEBUG [org.apache.http.impl.client.TargetAuthenticationStrategy] Challenge for Kerberos authentication scheme not available
DEBUG [org.apache.http.impl.client.TargetAuthenticationStrategy] Challenge for Digest authentication scheme not available
DEBUG [org.apache.http.impl.client.TargetAuthenticationStrategy] Challenge for Basic authentication scheme not available
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Selected authentication options: [NEGOTIATE, NTLM]
DEBUG [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: best-match
DEBUG [org.apache.http.client.protocol.RequestAuthCache] Auth cache not set in the context
DEBUG [org.apache.http.client.protocol.RequestTargetAuthentication] Target auth state: CHALLENGED
DEBUG [org.apache.http.client.protocol.RequestTargetAuthentication] Generating response to an authentication challenge using Negotiate scheme
DEBUG [org.apache.http.impl.auth.SPNegoScheme] init teamspace.company.com
DEBUG [org.apache.http.impl.auth.SPNegoScheme] Sending response '' back to the auth server
DEBUG [org.apache.http.client.protocol.RequestProxyAuthentication] Proxy auth state: UNCHALLENGED
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Attempt 2 to execute request
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Sending request: PROPFIND /sites/TEST/default.aspx HTTP/1.1
DEBUG [org.apache.http.wire] >> "PROPFIND /sites/TEST/default.aspx HTTP/1.1[\r][\n]"
DEBUG [org.apache.http.wire] >> "Depth: 0[\r][\n]"
DEBUG [org.apache.http.wire] >> "Content-Type: text/xml; charset=utf-8[\r][\n]"
DEBUG [org.apache.http.wire] >> "Content-Length: 124[\r][\n]"
DEBUG [org.apache.http.wire] >> "Host: teamspace.company.com[\r][\n]"
DEBUG [org.apache.http.wire] >> "Connection: Keep-Alive[\r][\n]"
DEBUG [org.apache.http.wire] >> "User-Agent: Apache-HttpClient/4.2.4 (java 1.5)[\r][\n]"
DEBUG [org.apache.http.wire] >> "Authorization: Negotiate "
DEBUG [org.apache.http.wire] >> "[\r][\n]"
DEBUG [org.apache.http.headers] >> PROPFIND /sites/TEST/default.aspx HTTP/1.1
DEBUG [org.apache.http.headers] >> Depth: 0
DEBUG [org.apache.http.headers] >> Content-Type: text/xml; charset=utf-8
DEBUG [org.apache.http.headers] >> Content-Length: 124
DEBUG [org.apache.http.headers] >> Host: teamspace.company.com
DEBUG [org.apache.http.headers] >> Connection: Keep-Alive
DEBUG [org.apache.http.headers] >> User-Agent: Apache-HttpClient/4.2.4 (java 1.5)
DEBUG [org.apache.http.headers] >> Authorization: Negotiate
DEBUG [org.apache.http.wire] >> ""
DEBUG [org.apache.http.wire] << "HTTP/1.1 207 MULTI-STATUS[\r][\n]"
DEBUG [org.apache.http.wire] << "Cache-Control: no-cache[\r][\n]"
DEBUG [org.apache.http.wire] << "Content-Length: 511[\r][\n]"
DEBUG [org.apache.http.wire] << "Content-Type: text/xml[\r][\n]"
DEBUG [org.apache.http.wire] << "Server: Microsoft-IIS/7.5[\r][\n]"
DEBUG [org.apache.http.wire] << "SPRequestGuid: b9f65c7d-fc00-4013-980a-b79a420fabd1[\r][\n]"
DEBUG [org.apache.http.wire] << "X-SharePointHealthScore: 2[\r][\n]"
DEBUG [org.apache.http.wire] << "Public-Extension: http://schemas.microsoft.com/repl-2[\r][\n]"
DEBUG [org.apache.http.wire] << "WWW-Authenticate: Negotiate [\r][\n]"
DEBUG [org.apache.http.wire] << "Persistent-Auth: false[\r][\n]"
DEBUG [org.apache.http.wire] << "X-Powered-By: ASP.NET[\r][\n]"
DEBUG [org.apache.http.wire] << "MicrosoftSharePointTeamServices: 14.0.0.6131[\r][\n]"
DEBUG [org.apache.http.wire] << "X-MS-InvokeApp: 1; RequireReadOnly[\r][\n]"
DEBUG [org.apache.http.wire] << "Date: Thu, 08 Aug 2013 19:24:32 GMT[\r][\n]"
DEBUG [org.apache.http.wire] << "[\r][\n]"
DEBUG [org.apache.http.impl.conn.DefaultClientConnection] Receiving response: HTTP/1.1 207 MULTI-STATUS
DEBUG [org.apache.http.headers] << HTTP/1.1 207 MULTI-STATUS
DEBUG [org.apache.http.headers] << Cache-Control: no-cache
DEBUG [org.apache.http.headers] << Content-Length: 511
DEBUG [org.apache.http.headers] << Content-Type: text/xml
DEBUG [org.apache.http.headers] << Server: Microsoft-IIS/7.5
DEBUG [org.apache.http.headers] << SPRequestGuid: b9f65c7d-fc00-4013-980a-b79a420fabd1
DEBUG [org.apache.http.headers] << X-SharePointHealthScore: 2
DEBUG [org.apache.http.headers] << Public-Extension: http://schemas.microsoft.com/repl-2
DEBUG [org.apache.http.headers] << WWW-Authenticate: Negotiate
DEBUG [org.apache.http.headers] << Persistent-Auth: false
DEBUG [org.apache.http.headers] << X-Powered-By: ASP.NET
DEBUG [org.apache.http.headers] << MicrosoftSharePointTeamServices: 14.0.0.6131
DEBUG [org.apache.http.headers] << X-MS-InvokeApp: 1; RequireReadOnly
DEBUG [org.apache.http.headers] << Date: Thu, 08 Aug 2013 19:24:32 GMT
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Connection can be kept alive indefinitely
DEBUG [org.apache.http.impl.client.DefaultHttpClient] Authentication succeeded
DEBUG [org.apache.http.wire] << "<"
DEBUG [org.apache.http.wire] << "?"
DEBUG [org.apache.http.wire] << "x"
DEBUG [org.apache.http.wire] << "m"
DEBUG [org.apache.http.wire] << "l version="1.0" encoding="ut"
DEBUG [org.apache.http.wire] << "f"
DEBUG [org.apache.http.wire] << "-"
DEBUG [org.apache.http.wire] << "8"
DEBUG [org.apache.http.wire] << """
DEBUG [org.apache.http.wire] << " "
DEBUG [org.apache.http.wire] << "?"
DEBUG [org.apache.http.wire] << ">"
DEBUG [org.apache.http.wire] << "<D:multistatus xmlns:D="DAV:" xmlns:Office="urn:schemas-microsoft-com:office:office" xmlns:Repl="http://schemas.microsoft.com/repl/" xmlns:Z="urn:schemas-microsoft-com:">[\r][\n]"
DEBUG [org.apache.http.wire] << "<D:response><D:href>http://teamspace.company.com/sites/TEST/default.aspx/D:href<D:propstat><D:prop>/D:prop<D:status>HTTP/1.1 200 OK/D:status/D:propstat<D:propstat><D:prop><D:owner/><D:group/><D:acl/>/D:prop<D:status>HTTP/1.1 404 Not Found/D:status/D:propstat/D:response/D:multistatus"
DEBUG [org.apache.http.impl.conn.BasicClientConnectionManager] Releasing connection org.apache.http.impl.conn.ManagedClientConnectionImpl@60f1439d
DEBUG [org.apache.http.impl.conn.BasicClientConnectionManager] Connection can be kept alive indefinitely

[lookfirst]

Actually, the propfind looks ok. It is a multi step auth. Notice the 207
response near the end. It would be nice to see the body of the responses.

On Thu, Aug 8, 2013 at 12:09 PM, jcmarfilph [email protected]:

Here the wire log after executing getAcl

Looks like the account is unauthorized to execute the PROPFIND. Note: I
stripped off the random characters.....

2013-08-08 15:02:32,415 [conn.BasicClientConnectionManager] DEBUG: Get
connection for route {}->http://teamspace.company.com
2013-08-08 15:02:32,416 [client.DefaultHttpClient] DEBUG: Stale connection
check
2013-08-08 15:02:32,418 [protocol.RequestAddCookies] DEBUG: CookieSpec
selected: best-match
2013-08-08 15:02:32,418 [protocol.RequestAuthCache] DEBUG: Auth cache not
set in the context
2013-08-08 15:02:32,418 [protocol.RequestTargetAuthentication] DEBUG:
Target auth state: UNCHALLENGED
2013-08-08 15:02:32,418 [protocol.RequestProxyAuthentication] DEBUG: Proxy
auth state: UNCHALLENGED
2013-08-08 15:02:32,418 [client.DefaultHttpClient] DEBUG: Attempt 1 to
execute request
2013-08-08 15:02:32,418 [conn.DefaultClientConnection] DEBUG: Sending
request: PROPFIND /sites/test/default.aspx HTTP/1.1
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> PROPFIND
/sites/test/default.aspx HTTP/1.1
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> Depth: 0
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> Content-Type: text/xml;
charset=utf-8
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> Content-Length: 124
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> Host:
teamspace.company.com
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> Connection: Keep-Alive
2013-08-08 15:02:32,419 [http.headers] DEBUG: >> User-Agent:
Apache-HttpClient/4.2.4 (java 1.5)
2013-08-08 15:02:32,471 [conn.DefaultClientConnection] DEBUG: Receiving
response: HTTP/1.1 401 Unauthorized
2013-08-08 15:02:32,471 [http.headers] DEBUG: << HTTP/1.1 401 Unauthorized
2013-08-08 15:02:32,471 [http.headers] DEBUG: << Server: Microsoft-IIS/7.5
2013-08-08 15:02:32,471 [http.headers] DEBUG: << SPRequestGuid:
851416cf-0873-4a3e-9ccf-dbbbfae9470a
2013-08-08 15:02:32,471 [http.headers] DEBUG: << WWW-Authenticate:
Negotiate
2013-08-08 15:02:32,471 [http.headers] DEBUG: << WWW-Authenticate: NTLM
2013-08-08 15:02:32,472 [http.headers] DEBUG: << X-Powered-By: ASP.NET
2013-08-08 15:02:32,472 [http.headers] DEBUG: <<
MicrosoftSharePointTeamServices: 14.0.0.6131
2013-08-08 15:02:32,472 [http.headers] DEBUG: << X-MS-InvokeApp: 1;
RequireReadOnly
2013-08-08 15:02:32,472 [http.headers] DEBUG: << Date: Thu, 08 Aug 2013
19:02:31 GMT
2013-08-08 15:02:32,472 [http.headers] DEBUG: << Content-Length: 0
2013-08-08 15:02:32,472 [client.DefaultHttpClient] DEBUG: Connection can
be kept alive indefinitely
2013-08-08 15:02:32,473 [client.DefaultHttpClient] DEBUG: Authentication
required
2013-08-08 15:02:32,473 [client.DefaultHttpClient] DEBUG:
teamspace.company.com:80 requested authentication
2013-08-08 15:02:32,473 [client.TargetAuthenticationStrategy] DEBUG:
Authentication schemes in the order of preference: [negotiate, Kerberos,
NTLM, Digest, Basic]
2013-08-08 15:02:32,473 [auth.SPNegoScheme] DEBUG: Received challenge ''
from the auth server
2013-08-08 15:02:32,473 [client.TargetAuthenticationStrategy] DEBUG:
Challenge for Kerberos authentication scheme not available
2013-08-08 15:02:32,474 [client.TargetAuthenticationStrategy] DEBUG:
Challenge for Digest authentication scheme not available
2013-08-08 15:02:32,474 [client.TargetAuthenticationStrategy] DEBUG:
Challenge for Basic authentication scheme not available
2013-08-08 15:02:32,474 [client.DefaultHttpClient] DEBUG: Selected
authentication options: [NEGOTIATE, NTLM]
2013-08-08 15:02:32,474 [protocol.RequestAddCookies] DEBUG: CookieSpec
selected: best-match
2013-08-08 15:02:32,475 [protocol.RequestAuthCache] DEBUG: Auth cache not
set in the context
2013-08-08 15:02:32,475 [protocol.RequestTargetAuthentication] DEBUG:
Target auth state: CHALLENGED
2013-08-08 15:02:32,475 [protocol.RequestTargetAuthentication] DEBUG:
Generating response to an authentication challenge using Negotiate scheme
2013-08-08 15:02:32,475 [auth.SPNegoScheme] DEBUG: init
teamspace.company.com
2013-08-08 15:02:33,499 [auth.SPNegoScheme] DEBUG: Sending response 'some
random text here....' back to the auth server
2013-08-08 15:02:33,500 [protocol.RequestProxyAuthentication] DEBUG: Proxy
auth state: UNCHALLENGED
2013-08-08 15:02:33,500 [client.DefaultHttpClient] DEBUG: Attempt 2 to
execute request
2013-08-08 15:02:33,500 [conn.DefaultClientConnection] DEBUG: Sending
request: PROPFIND /sites/test/default.aspx HTTP/1.1
2013-08-08 15:02:33,500 [http.headers] DEBUG: >> PROPFIND
/sites/test/default.aspx HTTP/1.1
2013-08-08 15:02:33,500 [http.headers] DEBUG: >> Depth: 0
2013-08-08 15:02:33,500 [http.headers] DEBUG: >> Content-Type: text/xml;
charset=utf-8
2013-08-08 15:02:33,501 [http.headers] DEBUG: >> Content-Length: 124
2013-08-08 15:02:33,501 [http.headers] DEBUG: >> Host:
teamspace.company.com
2013-08-08 15:02:33,501 [http.headers] DEBUG: >> Connection: Keep-Alive
2013-08-08 15:02:33,501 [http.headers] DEBUG: >> User-Agent:
Apache-HttpClient/4.2.4 (java 1.5)
2013-08-08 15:02:33,501 [http.headers] DEBUG: >> Authorization: Negotiate
'some random text here....'
2013-08-08 15:02:33,616 [conn.DefaultClientConnection] DEBUG: Receiving
response: HTTP/1.1 207 MULTI-STATUS
2013-08-08 15:02:33,616 [http.headers] DEBUG: << HTTP/1.1 207 MULTI-STATUS
2013-08-08 15:02:33,616 [http.headers] DEBUG: << Cache-Control: no-cache
2013-08-08 15:02:33,616 [http.headers] DEBUG: << Content-Length: 511
2013-08-08 15:02:33,616 [http.headers] DEBUG: << Content-Type: text/xml
2013-08-08 15:02:33,616 [http.headers] DEBUG: << Server: Microsoft-IIS/7.5
2013-08-08 15:02:33,616 [http.headers] DEBUG: << SPRequestGuid:
39153b87-10dd-4f4d-88d6-f5a624a33593
2013-08-08 15:02:33,616 [http.headers] DEBUG: << X-SharePointHealthScore: 3
2013-08-08 15:02:33,617 [http.headers] DEBUG: << Public-Extension:
http://schemas.microsoft.com/repl-2
2013-08-08 15:02:33,617 [http.headers] DEBUG: << WWW-Authenticate:
Negotiate 'some random text here....'
2013-08-08 15:02:33,617 [http.headers] DEBUG: << Persistent-Auth: false
2013-08-08 15:02:33,617 [http.headers] DEBUG: << X-Powered-By: ASP.NET
2013-08-08 15:02:33,617 [http.headers] DEBUG: <<
MicrosoftSharePointTeamServices: 14.0.0.6131
2013-08-08 15:02:33,617 [http.headers] DEBUG: << X-MS-InvokeApp: 1;
RequireReadOnly
2013-08-08 15:02:33,617 [http.headers] DEBUG: << Date: Thu, 08 Aug 2013
19:02:32 GMT
2013-08-08 15:02:33,618 [client.DefaultHttpClient] DEBUG: Connection can
be kept alive indefinitely
2013-08-08 15:02:33,618 [client.DefaultHttpClient] DEBUG: Authentication
succeeded
2013-08-08 15:02:33,651 [conn.BasicClientConnectionManager] DEBUG:
Releasing connection
org.apache.http.impl.conn.ManagedClientConnectionImpl@25bd101https://github.com/org.apache.http.impl.conn.ManagedClientConnectionImpl/sardine/commit/25bd101b
2013-08-08 15:02:33,651 [conn.BasicClientConnectionManager] DEBUG:
Connection can be kept alive indefinitely

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/109#issuecomment-22347629
.

[jcmarfilph]

For some reason it is not displaying properly....

<D:response><D:href>http://teamspace.company.com/sites/TEST/default.aspx</D:href><D:propstat><D:prop></D:prop><D:status>HTTP/1.1 200 OK</D:status></D:propstat><D:propstat><D:prop><D:owner/><D:group/><D:acl/></D:prop><D:status>HTTP/1.1 404 Not Found</D:status></D:propstat></D:response>

But you can see that the fields are really blank

[lookfirst]

If you wrap things in [three backticks] XML or log output here [three backticks] it should display better.

[jcmarfilph]

Sorry the output is still wonky.

Can I attach or just email it to you?

[jcmarfilph]

Hi,

Any thoughts why the fields are blank?

Thanks,

Joms