On Tue, Mar 03, 2009 at 02:14:34PM +0100, Georg Troska wrote:
> Hi,
> I was able to do it with Ubuntu Intrepid.
>
> Kerberos works. NSS not at the moment. I wrote a script that runs via
> cronjob creating a xml-file from LDAP for the user information.
> I'm still working on the NSS thing.
>
> Use account.xml with no password and loginnames that are of the same
> kind than in your kerberos database. Make sure that your keytab is
> readable by caldavd and use lowercase http/ (not HTTP/) for the
> principal entry.
> Kerberos based login are depending on your client as well. Which one are
> you using?
>
> Georg
I followed your idea, and now i'm trying with a generated account.xml
with kerberos authentication.
it still doesn't work, but with a more verbose error: here is the log.
2009-03-04 11:45:47+0100 [-] [caldav-8008] [-] Log opened.
2009-03-04 11:45:47+0100 [-] [caldav-8008] [-] twistd 8.1.0 (/usr/bin/python
2.5.2) starting up
2009-03-04 11:45:47+0100 [-] [caldav-8008] [-] reactor class: <class
'twisted.internet.selectreactor.SelectReactor'>
2009-03-04 11:45:47+0100 [-] [caldav-8008] [-]
twisted.web2.channel.http.HTTPFactory starting on 8008
2009-03-04 11:45:47+0100 [-] [caldav-8008] [-] Starting factory
<twisted.web2.channel.http.HTTPFactory instance at 0x188d7a0>
2009-03-04 11:45:47+0100 [-] [caldav-8008] [-]
twisted.web2.channel.http.HTTPFactory starting on 8443
2009-03-04 11:45:48+0100 [-] [caldav-8008] [-] set uid/gid 103/105
2009-03-04 11:45:48+0100 [twistedcaldav.logging.AMPLoggingFactory]
AMPLoggingProtocol connection established
(HOST:UNIXSocket('/var/run/caldavd/caldavd.socket') PEER:UNIXSocket(''))
2009-03-04 11:45:48+0100 [-] [caldav-8008] [-] AMP connection established
(HOST:UNIXSocket(None) PEER:UNIXSocket('/var/run/caldavd/caldavd.socket'))
2009-03-04 10:47:39+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29]
"Directory service <XMLDirectoryService 'DOMAIN.LOCAL':
FilePath('/etc/caldavd/accounts.xml')> has no GUID; generating service GUID
from realm name."
2009-03-04 10:47:39+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29]
"Directory service <SudoDirectoryService 'DOMAIN.LOCAL':
FilePath('/etc/caldavd/sudoers.plist')> has no GUID; generating service GUID
from realm name."
2009-03-04 10:47:39+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29] GET
/calendars/users/marco.ghidinelli/ HTTP/1.1
2009-03-04 10:47:39+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29]
'Authentication failed: Invalid nonce value: 6152332 -- a lot of numbers here
(ndr)-- 554623523'
2009-03-04 10:47:45+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29] GET
/calendars/users/marco.ghidinelli/ HTTP/1.1
2009-03-04 10:47:45+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29]
Exception rendering:
2009-03-04 10:47:45+0100 [-] [caldav-8008] [HTTPChannel,0,192.168.0.29]
Unhandled Error
2009-03-04 10:47:45+0100 [-] [caldav-8008] Traceback (most recent call
last):
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/internet/defer.py", line 186, in
addCallbacks
2009-03-04 10:47:45+0100 [-] [caldav-8008] self._runCallbacks()
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/internet/defer.py", line 328, in
_runCallbacks
2009-03-04 10:47:45+0100 [-] [caldav-8008] self.result =
callback(self.result, *args, **kw)
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/web2/dav/resource.py", line 722, in
login
2009-03-04 10:47:45+0100 [-] [caldav-8008] d =
request.portal.login(pcreds, None, *request.loginInterfaces)
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/cred/portal.py", line 114, in login
2009-03-04 10:47:45+0100 [-] [caldav-8008] return
maybeDeferred(self.checkers[i].requestAvatarId, credentials
2009-03-04 10:47:45+0100 [-] [caldav-8008] --- <exception caught here> ---
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/internet/defer.py", line 106, in
maybeDeferred
2009-03-04 10:47:45+0100 [-] [caldav-8008] result = f(*args, **kw)
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twistedcaldav/directory/aggregate.py", line
135, in requestAvatarId
2009-03-04 10:47:45+0100 [-] [caldav-8008]
type).requestAvatarId(credentials)
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twistedcaldav/directory/directory.py", line
109, in requestAvatarId
2009-03-04 10:47:45+0100 [-] [caldav-8008] if
user.verifyCredentials(credentials.credentials):
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twistedcaldav/directory/xmlfile.py", line
144, in verifyCredentials
2009-03-04 10:47:45+0100 [-] [caldav-8008] return
credentials.checkPassword(self.password)
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/web2/auth/digest.py", line 153, in
checkPassword
2009-03-04 10:47:45+0100 [-] [caldav-8008] calcHA1(algo,
self.username, self.realm, password, nonce, cnonce),
2009-03-04 10:47:45+0100 [-] [caldav-8008] File
"/usr/lib/python2.5/site-packages/twisted/web2/auth/digest.py", line 62, in
calcHA1
2009-03-04 10:47:45+0100 [-] [caldav-8008] m.update(pszPassword)
2009-03-04 10:47:45+0100 [-] [caldav-8008] exceptions.TypeError: update()
argument 1 must be string or read-only buffer, not None
the account.xml is:
<!DOCTYPE accounts SYSTEM "accounts.dtd">
<accounts realm="DOMAIN.LOCAL">
<user>
<uid>admin</uid>
<name>Super User</name>
</user>
<user>
<uid>marco.ghidinelli</uid>
<name>Marco Ghidinelli</name>
<cuaddr>mailto:[email protected]</cuaddr>
</user>
</accounts>
_______________________________________________
calendarserver-users mailing list
[email protected]
http://lists.macosforge.org/mailman/listinfo.cgi/calendarserver-users
