WebDav not working - Can not determine user count

[HaleyACS]

Steps to reproduce

1. Have 2 Nextcloud servers running.
   • Server A is already configured and running and has several users.
   • Server B is the new Server and uses user_external/WebDav
2. Configure WebDav in user_external on Server B
3. Login on the Server B using user/credential from user of Server A

Expected behaviour

User should be logged in.

Actual behaviour

User is not logged in.

• Server A

{"reqId":"iswOSW5CbjIcOBwWMaxA","level":0,"time":"2020-04-08 11:57:35","remoteAddr":"172.22.0.10","user":"--","app":"core","method":"GET","url":"\/apps\/files\/","message":{"Exception":"OC\\AppFramework\\Middleware\\Security\\Exceptions\\NotLoggedInException","Message":"Current user is not logged in","Code":401,"Trace":[{"file":"\/nextcloud\/lib\/private\/AppFramework\/Middleware\/MiddlewareDispatcher.php","line":95,"function":"beforeController","class":"OC\\AppFramework\\Middleware\\Security\\SecurityMiddleware","type":"->","args":[{"__class__":"OCA\\Files\\Controller\\ViewController"},"index"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":98,"function":"beforeController","class":"OC\\AppFramework\\Middleware\\MiddlewareDispatcher","type":"->","args":[{"__class__":"OCA\\Files\\Controller\\ViewController"},"index"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/App.php","line":126,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Files\\Controller\\ViewController"},"index"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Files\\Controller\\ViewController","index",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"files.view.index"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"files.view.index"}]},{"file":"\/nextcloud\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"files.view.index"}]},{"file":"\/nextcloud\/lib\/base.php","line":997,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/files\/"]},{"file":"\/nextcloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/nextcloud\/lib\/private\/AppFramework\/Middleware\/Security\/SecurityMiddleware.php","Line":141,"CustomMessage":"--"},"userAgent":"--","version":"17.0.5.0"}

• Server B

{"reqId":"2S8tTRB8RY652hi83PhQ","level":2,"time":"2020-04-08 11:57:35","remoteAddr":"172.31.0.13","user":"--","app":"no app in context","method":"POST","url":"\/login","message":"Login failed: smurphy (Remote IP: 172.31.0.13)","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}

Affected Authentication backend

WebDav

Server configuration

Both servers using the same Docker image (self built based on wonderfall/nextcloud, however adapted over time to my environment etc.).

Nextcloud version: 17.0.5
Operating system and version: Alpine 3.8 + Updates
Apache or nginx version: NGinx 1.17.9
PHP version: 7.2.29
HA-Proxy: 1.9.13
Redis: 5.0.6
Database: Mariadb 10.4.8

User External App version: (see Nextcloud apps page)
0.9.0

Operating system:
Alpine 3.8

Web server:
NGinx 1.17.9

Database:
Mariadb 10.4.8

PHP version:
7.2.29

Nextcloud version: (see Nextcloud admin page)
17.0.5

Updated from an older Nextcloud/ownCloud or fresh install:
17.0.3

Where did you install Nextcloud from:
At docker build time using and Version as argument.
https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL}

Signing status:

Signing status

Login as admin user into your Nextcloud and access
http://example.com/index.php/settings/integrity/failed

No errors have been found.

List of activated apps:

App list

``` If you have access to your command line run e.g.: sudo -u www-data php occ app:list from within your Nextcloud installation folder ``` Enabled: - accessibility: 1.3.0 - activity: 2.10.1 - announcementcenter: 3.6.1 - calendar: 2.0.2 - circles: 0.17.12 - cloud_federation_api: 1.0.0 - comments: 1.7.0 - contacts: 3.2.0 - dav: 1.13.0 - federatedfilesharing: 1.7.0 - federation: 1.7.0 - files: 1.12.0 - files_accesscontrol: 1.7.0 - files_pdfviewer: 1.6.0 - files_rightclick: 0.15.1 - files_sharing: 1.9.0 - files_trashbin: 1.7.0 - files_versions: 1.10.0 - files_videoplayer: 1.6.0 - firstrunwizard: 2.6.0 - gallery: 18.4.0 - groupfolders: 5.0.7 - logreader: 2.2.0 - lookup_server_connector: 1.5.0 - nextcloud_announcements: 1.6.0 - notes: 3.2.0 - notifications: 2.5.0 - oauth2: 1.5.0 - password_policy: 1.7.0 - privacy: 1.1.0 - provisioning_api: 1.7.0 - quota_warning: 1.6.0 - recommendations: 0.5.0 - serverinfo: 1.7.0 - sharebymail: 1.7.0 - spreed: 7.0.2 - support: 1.0.1 - survey_client: 1.5.0 - systemtags: 1.7.0 - tasks: 0.12.1 - text: 1.1.1 - theming: 1.8.0 - twofactor_backupcodes: 1.6.0 - updatenotification: 1.7.0 - user_external: 0.9.0 - viewer: 1.2.0 - workflowengine: 1.7.0

Nextcloud configuration:

Config report

If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder

or

Insert your config.php content here.
Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)

    {
    "system": {
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "apps_paths": [
            {
                "path": "\/nextcloud\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/apps2",
                "url": "\/apps2",
                "writable": true
            }
        ],
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "stargate.solsys.org:9443",
            "sol-gate.solsys.org"
        ],
        "dbtype": "mysql",
        "overwrite.cli.url": "https:\/\/stargate.solsys.org:9443",
        "overwriteprotocol": "https",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "Europe\/Berlin",
        "logdateformat": "Y-m-d H:i:s",
        "version": "17.0.5.0",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "PLAIN",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "25",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "user_backends": [
            {
                "class": "\\OCA\\User_External\\WebDAVAuth",
                "arguments": [
                    "https:\/\/nas.solsys.org:9443\/webdav"
                ]
            }
        ]
    }
    }

Logs

Web server error log

Web server error log

WebServer Error log empty

Nextcloud log (data/nextcloud.log)

Nextcloud log

{"reqId":"2S8tTRB8RY652hi83PhQ","level":2,"time":"2020-04-08 11:57:35","remoteAddr":"172.31.0.13","user":"--","app":"no app in context","method":"POST","url":"\/login","message":"Login failed: smurphy (Remote IP: 172.31.0.13)","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}
{"reqId":"HU1JVyCnejvBOLMhuc4X","level":2,"time":"2020-04-08 12:03:33","remoteAddr":"172.31.0.13","user":"admin","app":"support","method":"GET","url":"\/settings\/admin\/overview","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}
{"reqId":"4CiMWdZ6fNxxNRjE8FhM","level":2,"time":"2020-04-08 12:04:47","remoteAddr":"172.31.0.13","user":"admin","app":"support","method":"GET","url":"\/settings\/admin\/overview","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}
{"reqId":"irQMYTwmZZrn2VwNIOG5","level":2,"time":"2020-04-08 12:04:50","remoteAddr":"172.31.0.13","user":"admin","app":"support","method":"GET","url":"\/settings\/apps","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}
{"reqId":"3Z0RbmVgbXBvlIb0ERLN","level":2,"time":"2020-04-08 12:04:50","remoteAddr":"172.31.0.13","user":"admin","app":"support","method":"GET","url":"\/settings\/apps\/list","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}
{"reqId":"bXp99AyV4NzHCbBnKGB4","level":2,"time":"2020-04-08 12:09:39","remoteAddr":"","user":"--","app":"support","method":"","url":"--","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"--","version":"17.0.5.0"}
{"reqId":"11gKnF4CrYI0vWWVK5qN","level":2,"time":"2020-04-08 12:18:59","remoteAddr":"172.31.0.13","user":"admin","app":"support","method":"GET","url":"\/settings\/apps","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}
{"reqId":"zvI1wBnI9tuLkCzMyTxN","level":2,"time":"2020-04-08 12:19:00","remoteAddr":"172.31.0.13","user":"admin","app":"support","method":"GET","url":"\/settings\/apps\/list","message":"Can not determine user count for OCA\\user_external\\WebDavAuth","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko\/20100101 Firefox\/75.0","version":"17.0.5.0"}

Browser log

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
Empty

b) The network log
Takes 40secs - but that is because I have made too many login attempts.

c) ...

[violoncelloCH]

Nextcloud's (web)dav endpoint is at /remote.php/dav/files/ so I guess it should work when you configure the user_backend on server B correspondingly... otherwise please reopen the issue

[HaleyACS]

It does not work when configuring the user_backend on Server B. That is the issue.
When you talk: configure the user_backend on Server B - what exactly do you mean?
My current configuration on Server B is as follows:
"user_backends": [ { "class": "\\OCA\\User_External\\WebDAVAuth", "arguments": [ "https:\/\/nas.solsys.org:9443\/webdav" ] } ] }
That is as in the documentation for the WebDav configuration on this page.
With that - it does not work. I cannot log into the system using user credentials from server A (which is => nas.solsys.org:8443)

[violoncelloCH]

well if nas.solsys.org:9443 is your Nextcloud Server A, then change it to:

"user_backends": [ { "class": "\\OCA\\User_External\\WebDAVAuth", "arguments": [ "https:\/\/nas.solsys.org:9443\/remote.php\/dav\/files\/" ] } ] }

in the documentation is just a generic example with /webdav representing "point it to your servers webdav endpoint" this depends on your webdav server; for Nextclouds webdav endpoint this is what I've indicated above...

[HaleyACS]

I tried that and it works. Thanks.
You should specify that in the docs :)
Thanks again.

[violoncelloCH]

well I currently don't have the time to do it properly, but a Pulll Request would always be highly appreciated :)
(note: it would be worth to coordinate with #126 as this might be touching the same part of the documentation)