I know php fpm isn't recommended but for old app compatibility I'm running owncloud with apache and php fpm.
When accessing /remote.php/webdav
with php-fpm and without I get distinct results for WWW-Authenticate header, which fail to auth with mobile clients
With php5.6-fpm
curl -i -X GET https://.../remote.php/webdav
WWW-Authenticate: Basic realm="ownCloud", Bearer realm="ownCloud"
Without php5.6-fpm, with mod_php
curl -i -X GET https://.../remote.php/webdav
WWW-Authenticate: Basic realm="ownCloud"
WWW-Authenticate: Bearer realm="ownCloud"
The "only" difference is the presence or not of php5.6-fpm. I've read many things about auth header with fpm, but nothing about what I'm going through. Nothing about how header are managed.
I've found that
lib/composer/sabre/http/lib/Auth/Bearer.php:51
lib/composer/sabre/http/lib/Auth/Basic.php:58
are responsible for call addHeader function which is defined on
lib/composer/sabre/http/lib/Message.php:235
Since the code method is the same, something misconfigured or misbehaving with my web server
Expected behaviour
Two WWW-Authenticate headers
Actual behaviour
One WWW-Authenticate header with content append
Server configuration
Operating system:
Ubuntu 14.04.5 LTS
Web server:
Apache/2.4.33 (Ubuntu)
Database:
mysqld Ver 5.5.54-1trusty for debian-linux-gnu on x86_64 ((Ubuntu), wsrep_25.20)
galera-3 25.3.23+1trusty
PHP version:
PHP 5.6.34-1+ubuntu14.04.1+deb.sury.org+1 (fpm-fcgi)
ownCloud version: (see ownCloud admin page)
10.0.4
Updated from an older ownCloud or fresh install:
Updated from 7, then from 9
Where did you install ownCloud from:
tar.gz from owncloud.org
The content of config/config.php:
"system": {
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"allow_user_to_change_display_name": false,
"appstoreenabled": false,
"asset-pipeline.enabled": true,
"custom_csp_policy": "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src *; img-src 'self' blob: *; font-src * 'self' data:; media-src *",
"datadirectory": "\/var\/www\/cncCloud\/data",
"default_language": "pt_BR",
"dbtype": "mysql",
"dbname": "owncloud",
"dbhost": "proxy-dev-01",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"dbtableprefix": "oc_",
"enable_avatars": false,
"forcessl": true,
"has_internet_connection": false,
"installed": true,
"knowledgebaseenabled": false,
"log_type": "syslog",
"logfile": "",
"loglevel": "0",
"logtimezone": "America\/Recife",
"lost_password_link": "disabled",
"mail_from_address": "noreply",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpauth": true,
"mail_smtpauthtype": "LOGIN",
"mail_smtpmode": "smtp",
"mail_smtpsecure": "ssl",
"maintenance": false,
"session_lifetime": "21600",
"trashbin_retention_obligation": "30, auto",
"memcached_servers": [
[
"web-dev-01",
"11211"
],
[
"web-dev-02",
"11211"
]
],
"skeletondirectory": "",
"updatechecker": false,
"version": "10.0.4.4",
"versions_retention_obligation": "auto"
}
}
**List of activated apps:**
Enabled:
- account_closure: 0.0.1
- activity: 2.3.6
- anolis_openstack: 0.0.1
- comments: 0.3.0
- configreport: 0.1.1
- customgroups: 0.3.6
- dav: 0.3.2
- federatedfilesharing: 0.3.1
- federation: 0.1.0
- feedback: 1.1
- files: 1.5.1
- files_external: 0.7.1
- files_pdfviewer: 0.8.2
- files_restriction: 1.0.0
- files_sharing: 0.10.1
- files_texteditor: 2.2.1
- files_trashbin: 0.9.1
- files_versions: 1.3.0
- files_videoplayer: 0.9.8
- folder_uploader: 0.0.1
- gallery: 16.0.2
- interactive_tutorial: 1.0
- notifications: 0.3.2
- oauth2: 0.2.1
- provisioning_api: 0.5.0
- richdocuments: 2.0.5
- systemtags: 0.3.0
- templateeditor: 0.1
- theme-edudrive: 1.0.0
- updatenotification: 0.2.1
- user_shib: 0.1
Are you using external storage, if yes which one:
yes, openstack swift
Are you using encryption: yes/no
no
Are you using an external user-backend, if yes which one:
Yes, Shibboleth