Local Authentication for WebDAV

If you need any help in filling out this wiki page, please visit our ILIAS Community FAQ. And please complete the metadata information in the right column after having created the page.

1 Initial Problem

From the users perspective, there are technically two ways where to authenticate himself. The first one is to send the Username and Password to ILIAS. ILIAS either authenticates the user itself (local Account) or acts as a proxy and authenticates the user on another service (e.g. LDAP). In this case, ILIAS authenticates the user on one way or another with his or hers credentials.

With the second method, the user authenticates itself on another authentication service (e.g. over shibboleth). In this case, ILIAS never receives any credentials of the user. It just gets a token from the authentication service.

Both kinds of authentication are working perfectly well the world of browsers with session awareness, cookies and redirects. The second method, in which ILIAS never handles any credentials and redirects are necessary, don't work with WebDAV. This is because most of the WebDAV clients are not session aware and do not support redirects.

It is quite unkown. But there is already a feature for this. If a user who uses shibboleth clicks on "Open as Webfolder" and does not have a local password, she/he will be redirected to a page where a local password can be set. Only after a local password is set, the user can open the WebDAV mount instructions and can connect to ILIAS over WebDAV. With a little bit of "URL hacking", the page can be opene even with an ILIAS account. Just open a folder and replace "cmd=view" with "cmd=showPasswordInstruction" in the URL. An example for this page can be found here.

The page is a little bit outdated and the instructions are confusing. We would like to have a small revision for it.

2 Conceptual Summary

There are two changes which this FR proposes. First: Improve the local password page so it looks less confusing. And second: Add a section to the user settings where the local password can be changed / reset.

3 User Interface Modifications

3.1 List of Affected Views

{Please list all views (screens) of ILIAS that should be modified, newly introduced or removed.}

3.2 User Interface Details

{For each of these views please list all user interface elements that should be modified, added or removed. Please provide the textual appearance of the UI elements and their interactive behaviour.}

3.3 New User Interface Concepts

{If the proposal introduces any completely new user interface elements, you might consult UI Kitchen Sink in order to find the necessary information to propose new UI-Concepts. Note that any maintainer might gladly assist you with this.}

4 Technical Information

{The maintainer has to provide necessary technical information, e.g. dependencies on other ILIAS components, necessary modifications in general services/architecture, potential security or performance issues.}

5 Privacy Information

{ Please list all personal data that will need to be stored or processed to implement this feature. For each date give a short explanation why it is necessary to use that date. }

6 Security Implications

{ Does the feature include any special security relevant changes, e.g. the introducion of new endpoints or other new possible attack vectors. If yes, please explain these implications and include a commitment to deliver a written security concept as part of the feature development. This concept will need an additional approvement by the JourFixe. }

7 Contact

• Author of the Request: {Please add your name.}
• Maintainer: {Please add your name before applying for an initial workshop or a Jour Fixe meeting.}
• Implementation of the feature is done by: {The maintainer must add the name of the implementing developer.}

8 Funding

If you are interest in funding this feature, please add your name and institution to this list.

• …

9 Discussion

10 Implementation

{The maintainer has to give a description of the final implementation and add screenshots if possible.}

Test Cases

Test cases completed at {date} by {user}

• {Test case number linked to Testrail} : {test case title}

Approval

Approved at {date} by {user}.