[thelist] Windows WebDAV problem with authentication

Ken Schaefer Ken at adOpenStatic.com
Mon Aug 20 20:52:28 CDT 2007

Question - why are you using Basic Authentication over plain HTTP?

Why are you not using a more robust authentication technology? Alternatively, are you securing the transport layer with something else (e.g. IPSec)? If you are not, then why would you ask your users to deliberately make their machines less secure than before?

This setting does not apply to just your server. It means that anytime the user is convinced to connect to a remote server that supports WebDAV they may be prompted for their credentials, which would potentially be sent in clear text both across the wire, and to the remote server.


-----Original Message-----
From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Hassan Schroeder
Sent: Tuesday, 21 August 2007 1:36 AM
To: thelist at lists.evolt.org
Subject: Re: [thelist] Windows WebDAV problem with authentication

On 8/17/07, Ken Schaefer <Ken at adopenstatic.com> wrote:

> http://support.microsoft.com/kb/841215

Muchos gracias for that link -- reading closely, I finally realized that
the key is  "UseBasicAuth", not USER as originally indicated.

So, for anyone who cares, this *does* in fact fix the problem -- login
to the web folder is successful.

The fact remains that asking non-technical clients to edit their registry
is dicey at best.  :-)

Is there any way to automate this? Some sort of scripted approach?


> -----Original Message-----

> On 8/16/07, Charles <lists07 at wiltgen.net> wrote:
> > add the UserBasicAuth registry entry
Hassan Schroeder ------------------------ hassan.schroeder at gmail.com

* * Please support the community that supports you.  * *

For unsubscribe and other options, including the Tip Harvester
and archives of thelist go to: http://lists.evolt.org
Workers of the Web, evolt !

More information about the thelist mailing list