Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.
I'm running davfs2 1.3.2, attempting to access a Window$ Web Folder. I'm able to successfully access it via a browser on a Window$ box (after supplying credentials). However when I access it via the mount, I receive a 401 return:
xxxxxxxx@linux01:~/.davfs2> mount /mnt/cloud
Please enter the password to authenticate user <user> with server
http://<server>/share or hit enter for none.
/sbin/mount.davfs: Mounting failed.
I turned on httpauth debug -- here is what I got back:
Jun 27 11:40:12 linux01 mount.davfs: davfs2 1.3.2
Jun 27 11:40:18 linux01 mount.davfs: Initializing webdav
Jun 27 11:40:18 linux01 mount.davfs: ah_create, for WWW-Authenticate
Jun 27 11:40:18 linux01 mount.davfs: Not handling session.
Jun 27 11:40:18 linux01 mount.davfs: ah_post_send (#0), code is 401 (want 401), WWW-Authenticate is Negotiate, NTLM
Jun 27 11:40:18 linux01 mount.davfs: Got challenge (code 401).
Jun 27 11:40:18 linux01 mount.davfs: Got new auth challenge: Negotiate, NTLM
Jun 27 11:40:18 linux01 mount.davfs: Ignoring challenge 'Negotiate'.
Jun 27 11:40:18 linux01 mount.davfs: Ignoring challenge 'NTLM'.
Jun 27 11:40:18 linux01 mount.davfs: Finished parsing parameters.
The credential in the secrets file and given on command line are for HTTP-Authentication (BASIC and DIGEST) only. Your server uses Windows-authentication (NTLM).
The Neon-library, used by davfs2, supports GSSAPI and NTLM. But there are some problems to solve:
- by default NTLM is only allowed over TLS/SSL-connections by Neon. davfs2 does not change this defaults.
- when Neon tries to accept NTLM-authentication, it will use GSSAPI to find a "credentials cache". You probably have to set up GSSAPI on your system accordingly for this to succeed.
- I never cared about Windows-authentication, so I am not of any help there. But if any user gets NTLM working, it should make it into the davfs2-documentation.
P.S.: Of course, the server could support HTTP-authentication, just assuming there might be some none-windows clients.