• Published
  • 1 min

WebDAV and basic authentication

Basic authentication with webDAV (and Windows 7) can be almost mind-boggling, until you realise "there's a registry setting for that..."

In a recent intranet-project, we had set up EPiServer webDAV support against one of the filesystems, so that the customer could easily move a lot of documents from an old solution into a new EPiServer site. Most of the resources were folder-structures with images that were to be used in a new gallery-function we built, but also quite a few documents that weren't in a format that could be easily "webified", yet.

Initially, we had set up the site to use windows authentication, and configuring webDAV was quite straightforward, following the EPiServer Tech Note found  here.

However, when we had to switch the site to forms based authentication, and therefore re-configure webDAV to use basic authentication instead, we encountered a problem.

We re-configured the server side configuration and could easily verify that the configuration appeared to be correct by simply accessing the webDAV URL and logging in. The "EPiServer webDAV page" was displayed correctly, informing us how to connect from a client computer.

However, the client could no longer connect to the webDAV URL, the basic authentication login prompt was shown over and over again. Searching for solutions with the keywords "EPiServer" and "webDAV" really didn't help much, so I decided to widen the search.

One of the searches (as far as I can recall) was "webDAV" and "Win7".
I now found a lot of pages mentioning webDAV connection problems for a lot of different systems, including setup of webDAV on Apache etc, etc.

The solution?
Well, it was really quite simple, once I found it...
You need to modify the registry settings on the client machine to allow basic authentication against webDAV without SSL...

So basically set the value for the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters\BasicAuthLevel

to: 2

Setting it to 0 disables Basic Authentication, the default value 1 enables it for SSL connections, and 2 or higher forces it to allow basic authentication without SSL as well.

Since there already is a point in the technote for webDAV about registry settings for disabling locking, I really wish this registry setting had been documented there as well.

And, since I couldn't find any help by searching for "EPiServer" and "webDAV", now maybe YOU can... :)