Bug 136560 - LibreOffice should support Office Forms Based Authentication Protocol
Summary: LibreOffice should support Office Forms Based Authentication Protocol
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: framework (show other bugs)
Version:
(earliest affected)
unspecified
Hardware: All All
: medium enhancement
Assignee: Not Assigned
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-09-07 18:41 UTC by mikko.lehtisalo
Modified: 2021-07-26 09:40 UTC (History)
1 user (show)

See Also:
Crash report or crash signature:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description mikko.lehtisalo 2020-09-07 18:41:22 UTC 
Description:
Apparently LibreOffice doesn't support OFBA. Support for it should be added because it offers high usability for complex authentication setups. For example OpenID identity provider can be used for WebDav, making proper popups for the authentication.

See https://docs.microsoft.com/en-us/openspecs/sharepoint_protocols/ms-ofba/30c7bbe9-b284-421f-b866-4e7ed4866027 for the open specification.

Steps to Reproduce:
1. Open a document from webdav resource that utilizes OFBA


Actual Results:
1. Get an access denied error

Expected Results:
1. User accesses something like SharePoint Server, and opens a document.
2. Since gssapi/kerberos failed, the application falls back to OFBA.
3. OFBA popup asks local authentication (typically ADFS based openid provider)
4. Authentication cookie gets saved
5. Authentication to webdav succeeds based on the previous steps
6. ... 
7. Profit!


Reproducible: Always


User Profile Reset: No



Additional Info:
OFBA is the most common authentication setup for accessing and editing documents while using Office 365 products in multitenant environments. It really rocks.
Comment 1 Buovjaga 2021-07-26 09:40:56 UTC 
Ok, seems reasonable -> NEW