Nextcloud version: 17.0.5
Operating system and version: Debian Stretch 9.12
Apache or nginx version: Apache 2.4.25
PHP version: 7.3.16
The issue you are facing:
When trying to connect from the android app (installed via f-droid.org) on a new amazon fire tablet, the authorization process with QR-code, manually typed in app-password or TOTP password is finished. Afterwards the app goes back to the start screen for entering the account information. I already know, it is because of the following error stated in the logs “Message":"No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured
” but I can’t figure out, how to configure my server correctly.
As you can see from the apache config, I already added some rewrite rule suggested in another thread and restarted, but it did not help. I don’t have problems with other clients (desktop on windows/linux, mobile on android/iOS or even thunderbird and DAVx5) but all of them have access since several months. I’ve upgraded from 17.0.2 to 17.04 as always with the 2fa app included some days ago and today to 17.0.5 (in hope to fix the error). The fire tablet is the first new client, so I am unsure when my setup was working properly.
Is this the first time you’ve seen this error? (Y/N): Yes
Steps to replicate it:
See text above: providing credentials in android app => error
The output of your Nextcloud log in Admin > Logging:
{"reqId":"VALIDREQID","level":0,"time":"2020-03-28T10:25:45+00:00","remoteAddr":"IP_OF_REAL_HOST","user":"--","app":"webdav","method":"HEAD","url":"/remote.php/webdav/","message":{"Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Message":"No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured","Code":0,"Trace":[{"function":"beforeMethod","class":"Sabre\\DAV\\Auth\\Plugin","type":"->","args":[{"absoluteUrl":"https://IP_OF_REAL_HOST:PORT/remote.php/webdav/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]},{"file":"/var/www/nextcloud/3rdparty/sabre/event/lib/EventEmitterTrait.php","line":105,"function":"call_user_func_array","args":[[{"autoRequireLogin":true,"__class__":"Sabre\\DAV\\Auth\\Plugin"},"beforeMethod"],[{"absoluteUrl":"https://IP_OF_REAL_HOST:PORT/remote.php/webdav/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]]},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":466,"function":"emit","class":"Sabre\\Event\\EventEmitter","type":"->","args":["beforeMethod",[{"absoluteUrl":"https://IP_OF_REAL_HOST:PORT/remote.php/webdav/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]]},{"file":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php","line":254,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->","args":[{"absoluteUrl":"https://IP_OF_REAL_HOST:PORT/remote.php/webdav/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]},{"file":"/var/www/nextcloud/apps/dav/appinfo/v1/webdav.php","line":80,"function":"exec","class":"Sabre\\DAV\\Server","type":"->","args":[]},{"file":"/var/www/nextcloud/remote.php","line":163,"args":["/var/www/nextcloud/apps/dav/appinfo/v1/webdav.php"],"function":"require_once"}],"File":"/var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Auth/Plugin.php","Line":168,"CustomMessage":"--"},"userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.11.0","version":"17.0.5.0","id":"asdfID1234"}
Apache Configuration on the proxy
<VirtualHost *:443>
ServerName c.MYDOMAIN.eu
ProxyPass / https://IP_OF_REAL_HOST:PORT/
ProxyPassReverse / https://IP_OF_REAL_HOST:PORT/
SSLCertificateFile /etc/letsencrypt/live/c.MYDOMAIN.eu/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/c.MYDOMAIN.eu/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLProxyEngine on
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off
SSLProxyCheckPeerExpire On
</VirtualHost>
Apache Configuration on the real host:
<VirtualHost *:8443>
ServerName c.MYDOMAIN.eu
ServerAdmin webmaster@localhost
DocumentRoot /var/www/nextcloud
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
</IfModule>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/c.MYDOMAIN.eu/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/c.MYDOMAIN.eu/privkey.pem
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
<Directory /var/www/nextcloud/>
Require all granted
Options +FollowSymlinks MultiViews
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>
</VirtualHost>
Modules env, rewrite and headers are enabled on the real host.