hi peter thanks for investigating! would you mind opening a new jira bug for this? this makes it easier later on to track changes made to the source.
thanks a lot angela Peter Darton wrote:
At present, DAV Explorer won't log in to the JCR WebDav servlet - it doesn't even ask for a username & password. (Neither the Microsoft WinXP WebDAV & Novell's NetDrive were as fussy and were happy to log in) Using Ethereal, I compared the traffic for a valid Slide WebDav login compared to a JCR WebDav login. I've now found and fixed the problem on my local build, and I've now got DAV Explorer to work with JCR Webdav. Here's a description of the bugfix: In jackrabbit/contrib/jcr-server/server/src/java/org/apache/jackrabbit/serv er/AbstractWebdavServlet.java, there is a public static final String DEFAULT_AUTHENTICATE_HEADER. This is currently set to "Basic Realm=Jackrabbit Webdav Server". This is not a valid string for use in this context as it is in breach of RFC2617 for 2 reasons: 1) "Realm" should be "realm" 2) "Jackrabbit Webdav Server" should be in quotes, i.e. "\"Jackrabbit Webdav Server\"" According to http://www.ietf.org/rfc/rfc2617.txt, a valid challenge would be: WWW-Authenticate: Basic realm="WallyWorld" Note that "realm" is not capitalised and "WallyWorld" has been enclosed in quotes. In other words, AbstractWebdavServlet.java line 82, which currently reads: public static final String DEFAULT_AUTHENTICATE_HEADER = "Basic Realm=Jackrabbit Webdav Server"; should be changed to read public static final String DEFAULT_AUTHENTICATE_HEADER = "Basic realm=\"Jackrabbit Webdav Server\""; _____________________________________________________________________ This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com
