Client login fails with 401

Hi guys,
yesterday I upgraded my Raspberry Pi 3 from Jessie to Stretch.
Since this time I have problems logging in with android client or desktop client (Linux) and get the 401 error (unauthorized). Web-Login works as expected.
I upgraded from nc13.0.0 to nc13.0.1 today, but it didn’t change anything.
I also deleted all bruteforce entries and authtokens.

How can I solve this issue? I already searched the web, but found nothing helpful.


the error seems to be with apache2 using mpm_event / php7.0-fpm by using php7.0 everything works fine

For better performance I would like to use mpm_event. Can somebody direct me to a working configuration?

too soon too happy

Now is all I get a 7 and don’t know any differences

got the 7. It was at the beginning of the config.php

Now I am at the start of the thread. I can login with my browser, but with no client (desktop, android, thunderbird for calendar or contacts)

I don’t have any suggestions, but I’m having what seems to be the same problem, also using Apache (2.4.19), mpm_event, and php-fpm (though php 7.2, not 7.0)–although I’m seeing it when running under FreeBSD 11.1. Nothing is written to nextcloud.log even when set at log level 1 (info), but when I set the log level to debug, I get this:

'Authorization: Basic' header found. Either the client didn't send one,
or the server is misconfigured, No 'Authorization: Bearer' header found.
Either the client didn't send one, or the server is
mis-configured\",\"Code\":0,\"Trace\":\"#0 [internal function]:
call_user_func_array(Array, Array)\\n#2
Sabre\\\\Event\\\\EventEmitter->emit('beforeMethod', Array)\\n#3
(Macintosh) mirall\/2.3.3 (build 84) (Nextcloud)","version":""}

The username and password entered are correct; if I enter an incorrect password, I get an authentication failure.

i have the feeling it has something to do with this problem here:

How is your server (apache2) configured?

for the fpm I added those lines

<FilesMatch "\.php$">
        SetHandler "proxy:unix:/var/run/php/php7.0-fpm.sock|fcgi://localhost/"
<Proxy "fcgi://localhost/">

I also get this log message (but without your further lines):

**{“reqId”:“YN3JCoOUYTXYid3IVeRj”,“level”:0,“time”:“2018-03-23T15:42:27+00:00”,“remoteAddr”:“”,“user”:"–",“app”:“webdav”,“method”:“PROPFIND”,“url”:"/remote.php/webdav/",“message”:“Exception: {“Exception”:“Sabre\\DAV\\Exception\\NotAuthenticated”,“Message”:“No ‘Authorization: Basic’ header found. Either the client didn’t send one, or the server is misconfigured, No ‘Authorization: Bearer’ header found. Either the client didn’t send one, or the server is mis-configured”,“Code”:0,“Trace”:”#0 [internal function]: Sabre\\DAV\\Auth\\Plugin->beforeMethod(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#1 \/var\/www\/nextcloud\/3rdparty\/sabre\/event\/lib\/EventEmitterTrait.php(105): call_user_func_array(Array, Array)\n#2 \/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php(466): Sabre\\Event\\EventEmitter->emit(‘beforeMethod’, Array)\n#3 \/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php(254): Sabre\\DAV\\Server->invokeMethod(Object(Sabre\\HTTP\\Request), Object(Sabre\\HTTP\\Response))\n#4 \/var\/www\/nextcloud\/apps\/dav\/appinfo\/v1\/webdav.php(80): Sabre\\DAV\\Server->exec()\n#5 \/var\/www\/nextcloud\/remote.php(164): require_once(’\/var\/www\/nextcl…’)\n#6 {main}",“File”:"\/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Auth\/Plugin.php",“Line”:168}",“userAgent”:“Mozilla/5.0 (Linux) mirall/2.3.3 (Nextcloud)”,“version”:“”}

I have this in the vhost:

ProxyPassMatch ^/(.*\.php)$ fcgi://$1 

Edit: I see that the manual calls for uncommenting the lines in the php-fpm config file (www.conf in my case) that set the environment variables. I hadn’t done that, but doing so (and restarting php-fpm) doesn’t seem to help things.

Edit 2: This post on the owncloud forums sure sounds like it’s describing the same behavior.

Edit 3: This bug suggests that adding this:

RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]

to your virtual host configuration will fix the issue. And, indeed, I can log in using the desktop client if I add it. But lots of files aren’t syncing, and I’m having trouble figuring out why. It’s looking like progress though…

You made my night. Your RewriteCond and -Rule made it. I also enabled the module “headers”, which was missing. don’t know if it is really needed, but sounds like it could.


I got the same problems. This entry in my vhost blows all troubles away:

<FilesMatch \.php$>
    SetHandler "proxy:fcgi://"

After adding this I discarded the RewriteRules and it works fine :slight_smile:

There seems to be a problem using ProxyPassMatch (described here).

I have this same issue, but I don’t know my way around apache. Where exactly should I add the FilesMatch entry?

I think I’m struggling with the same or similar issue for quite some time now. I’m runnig plesk on a ubuntu server 18.04 with apache2 only (no nginx). How do I find out which config file to edit and how can I prove I edited the right file/changes were successful?


I had the same failures with FCGI enabled and this fixed it for me.

Basically mobile connections failed with the log:
“HEAD /remote.php/webdav/ HTTP/1.1” 401 - “-” “Mozilla/5.0 (Android) Nextcloud-android/3.17.1” my.domain.local

The redirect took care of that. Just adding context for others that might be doing a google search with the same issue. Thanks!