Hi Sebastian, --On September 5, 2006 4:54:24 PM +0200 Sebastian Hagedorn <Hagedorn@uni-koeln.de> wrote:
By editing the repository-dev.xml file I was able to create more users. The principals are created.
Same here:
2006/09/05 16:37 CEST [-] Created principal: /principals/users/a0620
I can see it in ~/Developer/Collaboration/CalendarServer/twistedcaldav/test/data/principa ls/users. Is that path to be expected?
Yes. The 'document root' is specified in the .plist file. The default run script is set to use caldav-dev.plist and repository-dev.plist, both of which have to be in the server's conf directory.
When I attempt to publish a calendar as one of the new users the /calendars/users/<newuser> folder is created with the inbox and outbox folder.
That doesn't even work for me, but the folders seem to be cerated while creating the principal. They are in ~/Developer/Collaboration/CalendarServer/twistedcaldav/test/data/calendar s/users/a0620
Correct - with the -static repository file user accounts and calendar homes are auto-created when the server starts up. (The process is slightly different with OpenDirectory.)
But the calendar fails to publish with "Access to the calendar <server url> is not permitted.." If I use the admin name and password I can publish the test calendar.
Can you provide the relevant portion of the server log?
Here it reads:
2006/09/05 16:39 CEST [HTTPChannel,0,134.95.128.1] OPTIONS /calendars/users/a0620/ HTTP/1.1 2006/09/05 16:39 CEST [HTTPChannel,0,134.95.128.1] 'Invalid privileges with no authentication details: <OPTIONS /calendars/users/a0620/ (1, 1)>' 2006/09/05 16:39 CEST [HTTPChannel,0,134.95.128.1] OPTIONS /calendars/users/a0620/ HTTP/1.1 2006/09/05 16:39 CEST [HTTPChannel,0,134.95.128.1] 'Invalid privileges with valid authentication details: <OPTIONS /calendars/users/a0620/ (1, 1)>'
If you use the 'admin' user can you login? What OS/system/version are you running this on?
As described on the wiki page, each user should be given <DAV:all> privileges to their own calendar home collection. So it should be possible to do anything in that collection once authenticated.
That doesn't seem to work. Perhaps the implicit rights don't work? Could you give us an example how to set the privileges explicitly? In the example file I see:
<acl> <ace> <principal><all/></principal> <grant><privilege><all/></privilege></grant> <protected/> <inheritable/> </ace> </acl>
But I don't really understand how that's supposed to work.
The above acl is in the commented out section of -static, and is used to create some 'users' that have a publicly accessible calendar (hence use of <DAV:all> as the principal). For 'regular' users you should not use that - use the <user> element with 'repeat=99' as the guide for those. -- Cyrus Daboo