Hello,
this is probably an easy question on how to use the security feature.
I have followed the chapter ‘WebDAV Security Setup’ successfully.
I chose the option Tamino (users) out of ‘Operating System’, ‘LDAP’ or ‘Tamino’.
After running ‘inodavconfig install security’ and editing the file server.xml the server restarts without errors.
Using a Webdav-Client (DAVExplorer) to access the ‘administration’ root collection, the client now asks for login. However,
regardless which user I use for authentication access is denied (HTTP 403).
For this reason I cannot use the ACL-method to grant access.
Should some pre-defined adminstrator user exist after enabling security ?
How do you proceed after activating security ? I did not find any hint within the documentation.
Thanks,
Roland Betz
Hello Roland,
this behavior can have several reasons. As first check if the “databaseUri” attribute of the realm element in your server.xml points to the right Tamino database. As next verify if the ino:security collection is not read protected (if it is read protected, the user that should be authenticated has to have the read right) and Tamino authentication is switched on in the Tamino database properties. As next check if the user which should be authenticated is a memeber of a Tamino group, defined under ino:group. This group has to be added as role in the web.xml like explained in the webdav documentation.
regards Eckehard
Hello Eckehard,
thank you for this good advice.
It was the role missing in web.xml. The documentation is not very clear about which changes the inodavconfig script makes and which it leaves to the user.
Thank you,
Roland Betz