[Davical-general] Apache 2.4 configuration with mod_proxy_fcgi - authentication not working

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Davical-general] Apache 2.4 configuration with mod_proxy_fcgi - authentication not working

jontheil
Hello list users,

I recently upgraded my FreeBSD server to 11.0-Release. After that, I changed my apache configuration from using mod_php to using mod_proxy_fcgi (php-fpm).

Now I have the well-known issue: I can log into the web interface but cannot log into the CalDAV account.

On the wiki, I can see a rather old page about FastCGI not passing all the necessary headers to php. But I cannot find anything anywhere about the right configuration with mod_proxy_fcgi.

I have tried various configurations, the latest being:

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /usr/local/etc/letsencrypt/live/cal.example.com/cert.pem
SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/cal.example.com/privkey.pem
SSLCertificateChainFile /usr/local/etc/letsencrypt/live/cal.example.com/chain.pem
DocumentRoot /usr/local/www/davical/htdocs
DirectoryIndex index.php index.html
ServerAlias cal.example.com
Alias /images/ "/usr/local/www/davical/htdocs/images"
SetEnvIf Authorization "(.+)" HTTP_AUTHORIZATION=$$1
<Directory "/usr/local/www/davical/htdocs">
Require all granted
CGIPassAuth On
</Directory>
AcceptPathInfo On
# ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9001/usr/local/www/davical/htdocs/$1
# DirectoryIndex /index.php index.php
<filesmatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:9001"
</filesmatch>
LogLevel debug
ErrorLog "/var/log/cal.example.com-error_log"
CustomLog "/var/log/cal.example.com-access_log" combinedio
</VirtualHost>

When debugging is set to ALL, I get this in my log:

php-fpm[29865]: DAVICAL_DEBUG: ALL: I18N:Bound domain =davical= to location =../locale= using character set =UTF-8=  
php-fpm[29865]: DAVICAL_DEBUG: ALL: caldav:Version (1.1.5) == 1001.5  
php-fpm[29865]: DAVICAL_DEBUG: LOG: always: Query: DBGQ: SELECT schema_major, schema_minor, schema_patch FROM awl_db_revision O
php-fpm[29865]: DAVICAL_DEBUG: LOG: always: Query: DBGQ: Took: 0.004788 to find 1 rows.  
php-fpm[29865]: DAVICAL_DEBUG: LOG: always: Query: DBGQ: SET TIMEZONE TO ?  
php-fpm[29865]: DAVICAL_DEBUG: LOG: always: Query: DBGQ: "0" => "Europe/Copenhagen"  
php-fpm[29865]: DAVICAL_DEBUG: LOG: always: Query: DBGQ: Took: 0.000855 to find 0 rows.  
php-fpm[29865]: DAVICAL_DEBUG: LOG: :***************** Request Header ****************  
php-fpm[29865]: DAVICAL_DEBUG: LOG: :PROPFIND /  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Host: calendar.example.com  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Depth: 0  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Brief: t  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Accept: */*  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Connection: keep-alive  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Prefer: return=minimal  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->User-Agent: iOS/10.3.1 (14E304) accountsd/1.0  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Accept-Language: da-dk  
php-fpm[29865]: DAVICAL_DEBUG: LOG: headers:-->Accept-Encoding: gzip, deflate  
php-fpm[29865]: DAVICAL_DEBUG: LOG: :******************** Request ********************  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--><?xml version="1.0" encoding="UTF-8"?>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--><A:propfind xmlns:A="DAV:">  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--> <A:prop>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--> <A:current-user-principal/>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--> <A:principal-URL/>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--> <A:resourcetype/>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--> </A:prop>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:--></A:propfind>  
php-fpm[29865]: DAVICAL_DEBUG: LOG: request:-->  
php-fpm[29865]: DAVICAL_DEBUG: ALL: HTTPAuth::AuthFailedResponse Requesting authentication in the 'DAViCal CalDAV Server' realm
php-fpm[29865]: DAVICAL_DEBUG: ALL: HTTPAuth::Session: User is not authorised: 87.49.146.214

I hope somebody has a working configuration and can point me in the right direction.
-- 
Regards,
Jon Theil Nielsen

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Davical-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/davical-general
Loading...