Mailing List Archive

On Fri, 2010-04-30 at 08:36 -0400, Jacques Morrisseau wrote:
> Hi!
> My Davical server is working just fine with thunderbird on the local
> network at my job. My boss asked me to make it accessible though the
> Juniper Firewall via a reverse proxy mechanism. I have tried several
> ways to access, with varying degree of success, the internal davical
> server and everything that I tried that managed to contact the
> internal server correctly, all had the same flaw: Deleting a
> specific event, deleted the associated collection.
>
> When I use the external SSL secure address and internal ordinary
> address and port, watching the log I could see on both internal and
> external apache server, that the PUT method is working fine giving
> something like
>
> PUT /caldav/someone/home/12345-asdfglasndfknln-214abcdefr.ics
>
> But when I use the external SSL secure address to delete an event on
> my thunderbird client, my logs shows
>
> DELETE /caldav.php/someone/home/
>
> And delete the entire collection of course instead of just erasing the
> event. When I configure my thunderbird client to use the internal
> address instead of the secure SSL one, it does the job correctly and
> erase only the requested event.
>
> I am currently using the reverse proxy configuration example from the
> davical website. I am also relatively new to apache server
> configuration. My guess is I am missing something in my SSL secure
> apache server configuration. If anyone has any pointer to solve my
> problem, it would be appreciated.

Hi Jacques,

If you use a reverse proxy you might need to set the $c->domain_name
option in the configuration file. While this is not normally needed, if
the domain name being used by client software differs from the domain
name which the proxy uses to access the server, then you will need to
set this to the domain name which the client software will use.

Also, your firewall should pass all of the following methods:

GET
HEAD
POST
PUT
OPTIONS
PROPFIND
REPORT
MKCALENDAR
MKCOL
PROPPATCH
DELETE
MOVE
ACL
LOCK
UNLOCK

DAViCal responds to all of these methods (and also BIND, UNBIND,
MKTICKET and DELTICKET but I don't know of any clients that use those
ones).

In particular, if OPTIONS, PROPFIND & REPORT are not allowed through,
then all CalDAV clients will fail to work. Some might still work if
only one of those was blocked.

It might be instructive to enable

$c->dbg['request'] = 1;
$c->dbg['response'] = 1;

in order to track the exact sequence (and content) of requests and
responses that DAViCal receives.

Cheers,
Andrew.
--
------------------------------------------------------------------------
andrew (AT) morphoss (DOT) com +64(272)DEBIAN
Be different: conform.
------------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.morphoss.com/pipermail/davical-users/attachments/20100502/135d5ba4/attachment.pgp>
-------------- next part --------------