Use the correct realm for basic authentication - fixes #23427

apps/dav/lib/Connector/PublicAuth.php

@@ -31,13 +31,14 @@ use OCP\IRequest;
 use OCP\ISession;
 use OCP\Share\Exceptions\ShareNotFound;
 use OCP\Share\IManager;
+use Sabre\DAV\Auth\Backend\AbstractBasic;
 
 /**
  * Class PublicAuth
  *
  * @package OCA\DAV\Connector
  */
-class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
+class PublicAuth extends AbstractBasic {
 
 	/** @var \OCP\Share\IShare */
 	private $share;
@@ -62,6 +63,10 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 		$this->request = $request;
 		$this->shareManager = $shareManager;
 		$this->session = $session;
+
+		// setup realm
+		$defaults = new \OC_Defaults();
+		$this->realm = $defaults->getName();
 	}
 
 	/**
@@ -99,7 +104,7 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 					if (in_array('XMLHttpRequest', explode(',', $this->request->getHeader('X-Requested-With')))) {
 						// do not re-authenticate over ajax, use dummy auth name to prevent browser popup
 						http_response_code(401);
-						header('WWW-Authenticate', 'DummyBasic real="ownCloud"');
+						header('WWW-Authenticate','DummyBasic realm="' . $this->realm . '"');
 						throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
 					}
 					return false;

apps/dav/lib/Connector/Sabre/Auth.php

@@ -74,6 +74,10 @@ class Auth extends AbstractBasic {
 		$this->twoFactorManager = $twoFactorManager;
 		$this->request = $request;
 		$this->principalPrefix = $principalPrefix;
+
+		// setup realm
+		$defaults = new \OC_Defaults();
+		$this->realm = $defaults->getName();
 	}
 
 	/**

apps/dav/lib/Connector/Sabre/ServerFactory.php

@@ -100,10 +100,9 @@ class ServerFactory {
 		$server->setBaseUri($baseUri);
 
 		// Load plugins
-		$defaults = new \OC_Defaults();
 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config));
 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config));
-		$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend, $defaults->getName()));
+		$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend));
 		// FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin());
 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $this->logger));

apps/federation/lib/DAV/FedAuth.php

@@ -36,6 +36,10 @@ class FedAuth extends AbstractBasic {
 	public function __construct(DbHandler $db) {
 		$this->db = $db;
 		$this->principalPrefix = 'principals/system/';
+
+		// setup realm
+		$defaults = new \OC_Defaults();
+		$this->realm = $defaults->getName();
 	}
 
 	/**