Hi Mike, Rather than distinguishing a browser from *anything else*, I'd highly recommend using 2 endpoints instead. The only other way would be to try to maintain a whitelist of user-agents.. but that's not a really robust solution.
You could also look at the Accept header and see if the client prefers receiving text/html, but off-hand I wouldn't know if there are any other clients that also request that. So I think you're best off creating 2 endpoints, one for a DAV client and one for a browser. Evert On Friday, January 24, 2014 7:58:11 PM UTC-5, Mike Macgirvin wrote: > > I've got sabre dav connected to a custom file store with decentralised > authentication and permissions. This part is working well. > > What I'd like to do is be able to invoke auth->Authenticate() when used as > a DAV volume, but NOT when the web browser interface is presented. In the > browser case we've already determined who the viewer is out of band before > we initialise the root Directory, and don't want to throw up an HTTP-auth > login box for unauthenticated guests. But when used as a DAV volume we need > HTTP-auth to work, because DAV requests generally don't know about your > browser cookies and everybody will be unauthenticated. > > I'm not afraid to get my hands dirty. But I'm trying to find some way to > discover in advance if the Browser plugin will handle the request (or not) > - after the Server constructor is called but before invoking > auth->Authenticate(). > > Any pointers appreciated. > -- You received this message because you are subscribed to the Google Groups "SabreDAV Discussion" group. To unsubscribe from this group and stop receiving emails from it, send an email to sabredav-discuss+unsubscr...@googlegroups.com. To post to this group, send email to sabredav-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/sabredav-discuss. For more options, visit https://groups.google.com/groups/opt_out.
