Category Archives: Internet

Fixing Authentication of ownCloud for webfaction

So these days I was playing with setting up ownCloud – a cool application to server your own content. I was especially looking into having an online calender which is not saved at Google.

Now, the installation is straight forward. But once you start pointing your Calender program or browser to http://DOMAIN.TLD/apps/calendar/caldav.php/principals/USERNAME the password dialog always popped up, no matter if the password was correct or not.

After some investigations it turned out that this is caused by the special setup of my webspace provider. Basically, ownCloud extracts the username and password from the HTTP header via mod_rewrite and provides it to PHP over environment variables. Unfortunately, this mechanism is disabled by webfaction.

Fortunately they also propose a solution: Instead of passing the header over environment variables I have to pass it over the URL via an internal redirect. To achieve this, I’ve inserted a new conditional rule into my .htaccess file:

RewriteCond %{HTTP:Authorization} ^Basic.*
RewriteRule ^(.*) $1?Authorization=%{HTTP:Authorization} [QSA,C]
RequestHeader unset Authorization

This rule is active once a authentication header is transmitted. In that case the Authorization header is inserted in the query string. Additionally the Authorization header is removed since we end up doing endless recursions otherwise.

The only thing left now is to also tell ownCloud how to parse this new part of the query string. For that just add the following code to  ./lib/base.php around line 350 inside the init() function:

//sett http auth headers for Webfaction workaround
if(isset($_GET['Authorization']) && preg_match('/Basic\s+(.*)$/i', $_GET['Authorization'], $matches))
	list($name, $password) = explode(':', base64_decode($matches[1]));
	$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
	$_SERVER['PHP_AUTH_PW'] = strip_tags($password);

Congratulations! You have ownCloud up and running on webfaction.