We analyzed the issue and it was indeed a (not that uncommon) rule in the
firewall/proxy solution that mandated the presence of "Mozilla" and "Windows".
The solution was to change the user agents to the style "Mozilla/5.0 ($OS)
mirall/x.x.x". After that, the proxy happily accpted basic auth.
This way, at least the Windows client will work. I was willing to make that
sacrifice because I am aware of at least one mobile ISP that checks for user
agents (of course the real fix is to encrypt your traffic with SSL, but some
choose not to). I am not willing to hardcode "Windows" though when its not
(Linux, OS X). This makes debugging hell ("What, you are using Mac OS? The
server logs indicate you are using a Windows client!").
IMHO, User-Agent filtering is even more retarded than blocking ports (claim to
fame: all modern malware is using port 80 today, making it even harder to
detect), but at least that makes ownCloud client work in a "slightly paranoid
default corporate setting".
Daniel
Am 29.05.2013 um 10:37 schrieb Marcos Mezo:
> I'm just a follower of the mailing list and testing OwnCloud myself for a few
> months, so no expert here.
>
> From what I see ,you are using a proxy and when using the web browser it
> validates "automagically" with NTLM.
>
> As far as I know, but maybe things have changed, with client version 1.2
> onwards proxy auth is supported, but only with basic authentication, not with
> NTLM. Quoting a mail from this mailinglist from 17/1/2013:
> ------
> today we released the ownCloud Client 1.2.0 beta 2 which includes the
> following improvements and new features since beta 1:
>
> - Fix proxy authentication (Basic auth, NTLM will not yet work)
> - The status dialog now provides statistics on the last sync run (via the
> info button)
> ------
>
> I have not seen any further anouncements regarding this issue, so I asume it
> might not be working yet.
>
> ¿Does this make sense?
>
> Marcos
>
>> Hey!
>> I would like to setup the owncloud-windows-clients in a company. (The
>> companies internet goes through a firewall)
>> I have a nginx webserver set up and I can connect to owncloud using the
>> windows client from home.
>> However, when I connect from the company, the windows-client gets http error
>> 403 (forbidden) responded.
>> Therefore I can still use the webclient in the company though. I made some
>> screenshots of wireshark sniffs where you can see the difference, between
>> the access:
>> https://www.dropbox.com/sh/4tu6ftcnhogfogi/YWvfL6vwIG
>> (I hope you excuse dropbox ;) )
>> Watching these files lets me assume, that the http user-agent might be
>> responsible for this firewall behaviour.
>>
>> Does anyone have further informations for this kind of problem?
>>
>> _______________________________________________
>> Owncloud mailing list
>> [email protected]
>> https://mail.kde.org/mailman/listinfo/owncloud
>
> _______________________________________________
> Owncloud mailing list
> [email protected]
> https://mail.kde.org/mailman/listinfo/owncloud
--
www.owncloud.com - Your Data, Your Cloud, Your Way!
ownCloud GmbH, GF: Markus Rex, Holger Dyroff
Schloßäckerstrasse 26a, 90443 Nürnberg, HRB 28050 (AG Nürnberg)
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
