MacFreek Posted January 15, 2017 Report Posted January 15, 2017 (edited) Hi, I set up Enpass using WebDAV authentication, and that seems to work fine. However, I am currently trying to configure it for my iPhone as well, but this fails. On the iPhone, the Enpass app gives the error "Authorization failed" even with the correct URL, username and password. my server logs give the following details: Enpass on iPhone: [error] Digest: client used wrong authentication scheme `Basic': /webdav/enpass/ As you probably know HTTP supports both Basic and Digest authentication. Basic is unencryted, Digest uses a hash. So it seems that the MacOS version does support both Basic and Digest authentication, but the iPhone version only Basic authentication. I will configure my server to allow Basic authentication. While Basic authentication does not encrypt passwords, it is fine, as long at HTTPS is used (if HTTP would be used, the password would be send in plain text on the Internet). Now I have three suggestions for improvement: Support HTTP Digest WebDAV authentication on iOS. I assume all libraries support both (the Digest protocol was published 1999, the Basic protocol is even older) Only support HTTPS protocol, not HTTP (in case that is not already the case). Alternatively, if you prefer to still support HTTP, ensure Digest encryption is used. Let the user explicitly choose the authentication scheme: Digest, Basic, or Digest with Basic as fall-back. Edited January 15, 2017 by MacFreek
Vinod Kumar Posted January 16, 2017 Report Posted January 16, 2017 Hi @MacFreek, Thanks for writing in. iPhone version currently supports only Basic authentication for WebDAV. We are aware of this limitation and will overcome it in future releases. Cheers
Recommended Posts