Auto-provisioning

From dmfswiki
Revision as of 08:06, 20 November 2012 by Marten (Talk | contribs)

Jump to: navigation, search

CalDAV-Sync and CardDAV-Sync support auto-configuration and painless account setup. This is particular useful if you run a CalDAV/CardDAV server for an organization with many users. Auto-configuration allows users to set up the account without knowledge of any server details (and without all the typing). Auto-configuration is still under development. Future releases will allow to set more options automatically up to a degree where almost no additional user-interaction is necessary.

How it works

To use auto-configuration place a link matching this scheme on your website on in an email:

caldav[s]://[username[:password]@][servename][:port][/path][#options]
or
carddav[s]://[username[:password]@][servename][:port][/path][#options]

When you open this link from your phone's browser the CalDAV-Sync or CardDAV-Sync account setup will be invoked with these settings.

See below for some examples.

The details

Most parts of the link scheme are optional (depending on your server setup). Only the URI scheme and the server name are always mandatory.

caldavs:// or caldav://
prefix for CalDAV accounts using SSL or without SSL
carddavs:// or carddav://
prefix for CardDAV accounts using SSL or without SSL
[username] or [username:password]
(optional) the username and password to use for authentication (note: ":","@" and "/" in username or password have to be url-encoded). Beware: including the password may have serious security implications and is not recommended!
[servername]
the name of your server
[:port]
(optional) The port to connect to, mandatory if you use a non-standard port.
[/path]
(optional) The path to the CalDAV or CardDAV root, the principal home or the calendar/address book home. You can omit this if you use a .well-know redirection or if you don't run your server in a sub-path.
[#options]
(optional) A set of default account options. Multiple options have to be concatenated by an ampersand (&). Currently the following options are supported (more options will follow):
preemptive_auth
(currently CalDAV-Sync only) Enable preemptive authentication by default.
enforce_dtend
(CalDAV-Sync only) Always store a DTEND field in the event file, never use DURATION. This is a workaround for Oracle Convergence servers.

Examples

The following examples will set up accounts for the SOGo demo server

server name only
caldav://sogo-demo.inverse.ca
carddav://sogo-demo.inverse.ca
full path to DAV root
caldav://sogo-demo.inverse.ca/SOGo/dav
carddav://sogo-demo.inverse.ca/SOGo/dav
with username and port
caldav://sogo1@sogo-demo.inverse.ca:80
carddav://sogo1@sogo-demo.inverse.ca:80
with username and password
caldav://sogo1:sogo1@sogo-demo.inverse.ca
carddav://sogo1:sogo1@sogo-demo.inverse.ca
Note: Although it's supported, it's not recommended to use this because it contains your password in plain text and everyone with access to the page can read it!


Use the following to sync using SSL (with an alternative SSL-port), preemptive authentication and enforced DTEND. The login in this example is username@example.com (note the encoded "@")

caldavs://username%40example.com@example.com:8443#preemptive_auth&enforce_dtend

Use it locally

If you reset your device often you can use auto-configuration to speed up account setup. Just create a file like below, change the URL in the <meta> tag to your needs and save it on your device.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>CalDAV-Sync auto setup</title>
<meta http-equiv="REFRESH" content="0;caldav://sogo1:sogo1@sogo-demo.inverse.ca/SOGo/dav/"></HEAD>
<body>
Open this file to set up a CalDAV-Sync account on your device.
</body>
</html>

Now open the file on your device. You should be presented with the CalDAV-Sync account setup, pre-configured for your account (the code above will create a new account for the SOGo demo server).

To use the same file for CalDAV-Sync and CardDAV-Sync you can use links instead of the redirect:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>CalDAV-Sync and CardDAV-Sync painless account setup</title>
<body>
<p>
<a href="caldav://sogo1:sogo1@sogo-demo.inverse.ca/SOGo/dav/">Set up CalDAV-Sync</a>
</p>
<p>
<a href="carddav://sogo1:sogo1@sogo-demo.inverse.ca/SOGo/dav/">Set up CardDAV-Sync</a>
</p>
</body>
</html>


Note: Be sure to encode special characters in your password properly: " becomes %22 and / becomes %2F