"Principal name not found" error on downloading a file

Question

"Principal name not found" error on downloading a file

schirmacher opened this issue 3 years ago · 7 comments

I am trying to download a file from Nextcloud (self-hosted, version is 20.0.8.1). The top level view in Nextcloud has a file "Nextcloud.mp4". I have verified that the username and password is correct (got a 401 error when I used the wrong password). I have also tried other methods without success (see the commented lines).

Here is my code:

        try {
            NextcloudConnector nc = new NextcloudConnector("nextcloud.example.com", true, 443, "my.name@example.com", "mypassword");
            InputStream file = nc.downloadFile("/Nextcloud.mp4");
            //nc.createFolder("/Test");
            //List fileNames = nc.listFolderContent("/");
        } catch (Exception e) {
            System.out.println(e);
        }

And here is the log file output:

09:50:31.858 [main] DEBUG org.apache.http.headers - http-outgoing-1 >> GET /remote.php/dav/files/my.name@example.com/Nextcloud.mp4/ HTTP/1.1
09:50:31.858 [main] DEBUG org.apache.http.headers - http-outgoing-1 >> Host: nextcloud.example.com:443
09:50:31.858 [main] DEBUG org.apache.http.headers - http-outgoing-1 >> Connection: Keep-Alive
09:50:31.858 [main] DEBUG org.apache.http.headers - http-outgoing-1 >> User-Agent: Sardine/5.10
09:50:31.858 [main] DEBUG org.apache.http.headers - http-outgoing-1 >> Accept-Encoding: gzip,deflate
09:50:31.858 [main] DEBUG org.apache.http.headers - http-outgoing-1 >> Authorization: Basic QXJu.....
09:50:31.858 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "GET /remote.php/dav/files/my.name@example.com/Nextcloud.mp4/ HTTP/1.1[\r][\n]"
09:50:31.858 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "Host: nextcloud.example.com:443[\r][\n]"
09:50:31.859 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "Connection: Keep-Alive[\r][\n]"
09:50:31.859 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "User-Agent: Sardine/5.10[\r][\n]"
09:50:31.859 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "Accept-Encoding: gzip,deflate[\r][\n]"
09:50:31.859 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "Authorization: Basic QXJu...[\r][\n]"
09:50:31.859 [main] DEBUG org.apache.http.wire - http-outgoing-1 >> "[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "HTTP/1.1 404 Not Found[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Date: Wed, 06 Oct 2021 07:50:31 GMT[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Server: Apache/2.4.25 (Debian)[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Strict-Transport-Security: max-age=15768000 ; includeSubDomains[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Expires: Thu, 19 Nov 1981 08:52:00 GMT[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Cache-Control: no-store, no-cache, must-revalidate[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Pragma: no-cache[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Content-Security-Policy: default-src 'none';[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Referrer-Policy: no-referrer[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "X-Content-Type-Options: nosniff[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "X-Download-Options: noopen[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "X-Frame-Options: SAMEORIGIN[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "X-Permitted-Cross-Domain-Policies: none[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "X-Robots-Tag: none[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "X-XSS-Protection: 1; mode=block[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Content-Length: 253[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Content-Type: application/xml; charset=utf-8[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: oc4ld86aguy6=0ca6a655f8a1e9e694af6eaf6b4b2616; path=/; secure; HttpOnly; SameSite=Lax[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: oc_sessionPassphrase=An5OH5L.....; path=/; secure; HttpOnly; SameSite=Lax[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: oc4ld8....; path=/; secure; HttpOnly; SameSite=Lax[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict[\r][\n]"
09:50:33.499 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: oc4ld86a....; path=/; secure; HttpOnly; SameSite=Lax[\r][\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Set-Cookie: cookie_test=test; expires=Wed, 06-Oct-2021 08:50:33 GMT; Max-Age=3600[\r][\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Keep-Alive: timeout=5, max=100[\r][\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "Connection: Keep-Alive[\r][\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "[\r][\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "<?xml version="1.0" encoding="utf-8"?>[\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">[\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "  <s:exception>Sabre\DAV\Exception\NotFound</s:exception>[\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "  <s:message>Principal with name my.name@example.com not found</s:message>[\n]"
09:50:33.500 [main] DEBUG org.apache.http.wire - http-outgoing-1 << "</d:error>[\n]"
...
org.aarboard.nextcloud.api.exception.NextcloudApiException: com.github.sardine.impl.SardineException: Unexpected response (404 Not Found)

The url "https://nextcloud.example.com/remote.php/dav/files/my.name@example.com/Nextcloud.mp4/" results in fact in a 404 error when pasted into the browser. However, when I replace the user name part with the uuid that is listed in the Nextcloud administrator user listing near my full name ("https://nextcloud.example.com/remote.php/dav/files/BA00370B-3FFZ-4295-8D76-C232DA9B3565/Nextcloud.mp4/"), I can successfully download the file via the browser.

So this shows that the path to the file in the nc.downloadFile call seems to be correct. I also tried replacing my user name by the uuid in the code, but then the login fails.

Please advise what to do to successfully download the file by a Java program.

Answer 1 · 2021-10-06T09:37:08.000Z

For the short term fix, please use the previous version 11.5.1
In 11.6.0 we did rework the auth and path stuff, which seems to have introduced a problem in some cases

Answer 2 · 2021-10-06T12:47:34.000Z

I got it working with version 11.5.1, but found other problems. New code:

        try {
            NextcloudConnector nc = new NextcloudConnector("nextcloud.example.com", true, 443, "my.name@example.com", "mypassword");
            nc.setSubpathPrefix(""); // required workaround
            Boolean success = nc.downloadFile("Nextcloud.mp4", "/var/tmp/"); // this works
            InputStream file = nc.downloadFile("Nextcloud.mp4"); // returned InputStream does not seem to work
            int available = file.available();
            System.out.println("available() returned " + available); // returns 0 bytes available
            Files.copy(file, Paths.get("/var/tmp/thefile")); // creates empty file
        } catch (Exception e) {
            System.out.println(e);
        }

The need for the setting of the empty subpathPrefix is that in buildWebdavPath the leading "/" is missing if the subpathPrefix is null.
The downloadFile function returns a file handle, but it shuts down the sardine handler before returning the file handle. Maybe this causes the file handle to be invalid.

Answer 3 · 2021-10-06T13:00:55.000Z

double checked the code in my previous comment with version 11.6.0: it works now with the line having the comment "required workaround". The buildWebdavPath function is the culprit. However, the rest of the code does not work either.

Answer 4 · 2021-10-13T21:41:40.000Z

Are you using some kind of ldap user backend in nextcloud? (Or other user provisioning?)
The UUID in the user name part of the url is not what NC generates on it's own (At least not in my experience)

Answer 5 · 2021-10-14T22:06:28.000Z

Can you test with the 11.7.0-SNAPSHOT release?
It should fix the problem where the login name is not identical to the user name

Answer 6 · 2021-10-15T09:37:02.000Z

The on-premise Nextcloud server is in fact connected to our Microsoft AD server. Here is a screenshot how my user name entry looks like:

Answer 7 · 2021-10-15T10:03:25.000Z

Could you please test with 11.7.0-SNAPSHOT release?
It has a fix for this case in it