Avoiding Windows (Vista) to Perform Double Webdav Requests

Question

Avoiding Windows (Vista) to Perform Double Webdav Requests

We use DIGEST authentication for our access to WebDAV. We observe that Windows clients send each request twice. The first request has no header Authorization(and gets a 401 response), the second request has a header Authorization(and usually gets the correct answer).

While the user probably does not see this, he makes accessible access to Webdav slower than necessary.

Is there any way to avoid this behavior? Maybe some special answer that convinces Windows not to do this? When we use BASIC instead of DIGEST, it works fine (only one request with a header is Authorizationalways on)

+3

windows webdav

Peter Štibraný Mar 20 '09 at 15:07

source share

4 answers

- " ". .

- , , , , , , - .

WebFolders/WebDAV - , , .

, , . (/ ), Negotiate, NTLM Digest .

.Net -, 401.

+1

Christopher G. Lewis 24 . '09 15:11

Windows WebFolder, , - greenbytes. - Vista, , .

0

mkoeller 26 . '09 7:42

Work, if you do not mind, allow less secure configuration - allow anonymous directory hierarchy by listing PROPFIND requests, and authenticate everything else; see http://blog.klinsight.com/2013/02/windows-webdav-double-authentication.html - (I wrote this post for my work). Saving time is significant.

0

Daniel Sokolowski Feb 07 '13 at 17:59

source share

Randolpho · Accepted Answer · 2009-03-23T15:11:35+0000

I believe that the method you described, called the call / response method, is the intended behavior for WebDAV. At least according to the specification . This first request without auth headers is necessary; WebDAV response contains nonce to check the next request, which helps to reject, for example, repeated attacks.

So bottom line: you cannot and should not try to avoid this behavior.

, Windows, ... , nonce - /. , , - nonce , WebDAV nonce . , , Windows, WebDAV , Windows .

, , , nonce. , . Google- .

Avoiding Windows (Vista) to Perform Double Webdav Requests

More articles: