Arthur Schiwon
be572de7f0
fix unittest
2016-03-21 21:53:16 +01:00
Lukas Reschke
9b3c4e8dc4
Require CSRF token for non WebDAV authenticated requests
2016-02-18 11:18:36 +01:00
Thomas Müller
682821c71e
Happy new year!
2016-01-12 15:02:18 +01:00
Roeland Jago Douma
4a38793d11
Allow only cookie auth to webdav
2016-01-07 10:44:26 +01:00
Thomas Müller
1d30f0fcdb
Merge pull request #20760 from owncloud/webdav-authredirectfix
...
Only reject ajax auth if user is really logged out
2015-11-27 13:16:01 +01:00
Vincent Petry
d02e0eaaf1
Only reject ajax auth if user is really logged out
2015-11-26 17:04:21 +01:00
Thomas Müller
c25a7cc4da
Users are available under it's own principal resource named 'principals/users' this will allow us to introduce e.g. groups as principals (one day) and system specific principals (needed for federation)
2015-11-25 22:23:34 +01:00
Thomas Müller
ae36c01b95
Adjust sabre changes in core
2015-11-24 15:11:54 +01:00
Vincent Petry
055d58bfc3
Do not authenticate over ajax
...
This makes sure that whenever a Webdav call is done through Ajax, if the
session has expired, it will not send back a challenge but a simple 401
response. Without this fix, the default code would send back a challenge
and trigger the browser's basic auth dialog.
2015-11-23 09:44:30 +01:00
Thomas Müller
d8e965e59a
Introducing CardDAV into core
2015-11-06 15:26:51 +01:00
Lukas Reschke
cddc9abc06
Add tests for Sabre Auth plugin + make getCurrentUser compatible
2015-10-23 17:30:47 +02:00