dcache
dcache copied to clipboard
dCache
dCacheView + X509 auth + Firefox: views and downloads fail
Dear dCache devs,
As mentioned in https://github.com/dCache/dcache/issues/5883#issuecomment-831355159, dCacheView does not properly download or view files when authenticated with an X509 user certificate in Firefox. Interestingly, the browser console does not mention any effort to access the WebDAV door.
Logged in with X509 in a fresh window:
Viewing an image fails:
The console does not list access to WebDAV:
Trying to download the file:
Also here, no mention of any effort to access WebDAV:
Here's the definition of this specific dCacheView:
[dcacheview22884Domain]
dcache.java.memory.heap=2g
# dCacheView with X509 cert authentication.
[dcacheview22884Domain/frontend]
frontend.cell.name=dcacheview-22884-${host.name}
frontend.net.port = 22884
frontend.authn.protocol = https
frontend.authn.basic = false
frontend.authn.require-client-cert = true
frontend.authn.accept-client-cert = true
frontend.static!dcache-view.org-name=SURFsara Grid Storage dCacheView
frontend.static!dcache-view.endpoints.webdav=https://dcacheview.grid.surfsara.nl:2884/
frontend.protocols.tags=webdav2884
frontend.geographic-placement = NL
The WebDAV door (though I don't think it's relevant here)
# Secure WebDAV with X509 (cert) authentication
[webdav2884-${host.name}Domain]
dcache.java.options.extra = \
-Djava.security.properties=/etc/dcache/maximum.java.security \
-Djdk.tls.ephemeralDHKeySize=2048
[webdav2884-${host.name}Domain/webdav]
webdav.cell.name=webdav2884-${host.name}
webdav.redirect.on-read=false
webdav.redirect.on-write=false
webdav.authn.basic=false
webdav.authn.accept-client-cert = true
webdav.authn.require-client-cert = true
webdav.authn.protocol=https
webdav.net.port=2884
webdav.enable.overwrite=true
webdav.allowed.client.origins = https://dcacheview.grid.surfsara.nl:22884
webdav.loginbroker.tags=webdav2884
