Hi Patrick,
On Sep 26, 2009, at 23:25 , Patrick Ohly wrote:
I've got the session handling more or less working, now I fail to
get
the client authenticated in the server.
If I use
<requestedauth>md5</requestedauth>
<requiredauth>md5</requiredauth>
<autononce>yes</autononce>
<simpleauthuser>test</simpleauthuser>
<simpleauthpw>test</simpleauthpw>
then the server always replies with a challenge. I checked my
client, it
has test/test as username/password. The client tries a few times to
send
the right credentials, but eventually seems to give up. This did not
result in a failed sync status.
Hm, I don't exactly understand this, because I did my tests with the
server lib and the iPhone client with test/test as well. Note that
<simpleauthxxx> is only active if the plugin does NOT handle login,
i.e with <plugin_sessionauth>no</plugin_sessionauth>. Otherwise, the
TextDB plugin should do the authentication (it has test/test and super/
test built-in, hardwired).
Bottom line: test/test should work in both cases, with simpleauth and
with plugin auth.
You could rule out problems with saving the nonce by setting
<requestedauth>basic</requestedauth> and <requiredauth>basic</
requiredauth>.
If I use
<requestedauth>none</requestedauth>
<requiredauth>none</requiredauth>
<autononce>yes</autononce>
<simpleauthuser>test</simpleauthuser>
<simpleauthpw>test</simpleauthpw>
then the server still rejects the first client's message with a 401
status, but sends no challenge and the client gives up immediately.
In order to make that (login without credentials) work, the DB plugin
would need to agree with the no-user/pw, but the hardwired TextDB does
not allow that. When you let <simpleauthxxx> do the job (i.e.
<plugin_sessionauth>no</plugin_sessionauth>), IMHO it should work -
the simpleauth login routine TSyncSession::SessionLogin() lets
anonymous login pass (relying on <requiredauth> not set to "none" if
anonymous login is not allowed).
Where do I have to look in the server to debug the authentication
problem? I use SDK_textdb:
<plugin_module>[SDK_textdb]</plugin_module>
<plugin_sessionauth>yes</plugin_sessionauth>
<plugin_deviceadmin>yes</plugin_deviceadmin>
Hmm, I don't see where the SDK_textdb writes its files. I could of
course apply strace, but it is late again, so let me better ask.
There are three <pluginparams> to set the paths:
<datafilepath>, <blobfilepath> and <mapfilepath>. See chapter
"14.3.2
PluginParams of the textdb" in the config reference.
Usually <datafilepath> is sufficient - the other paths default to
<datafilepath> if not specified explicitly.
How do I configure this? I saw something about it writing in the
"application
datadir"
I'm not sure this is still true, I think this is a leftover from older
versions where textDB was not a plugin, but part of the engine and had
access to these general default paths (those that became "predefined
configuration variables", see config reference chapter 4.4).
, but how do I change that? <binfilespath> is not accepted in a
server config.
Yes, the binfiles are the client-only implementation for persistent
settings.
This could be the problem; without storing the next nonce,
authentication will always fail.
Most probably, yes. I expect it will work with "basic" auth (and then
with proper <datafilepath>).
Best Regards,
Lukas Zeller (luz(a)synthesis.ch)
-
Synthesis AG, SyncML Solutions & Sustainable Software Concepts
info(a)synthesis.ch,
http://www.synthesis.ch