Shared briefcase returns HTTP error 403 instead of 401 on wrong credentials
I am having problems with non techy 'external guests' trying to access a shared briefcase: When they enter wrong credentials (bad login and/or bad password), they get stuck on a page telling them they do not sufficient permissions:
Here is how to reproduce the problem:
HTTP ERROR 403
Problem accessing /service/home/XXXXXX@XXXXXXX.com/Docs. Reason:
permission denied: you do not have sufficient permissions
Powered by Jetty://
- in Zimbra Web Interface, go to briefcase and create a 'New Briefcase' ('Docs' under 'Folders' for example)
- Shared that new Briefcase, 'External guests (view only)' and enter email to an external account and a password.
- Open a different browser (in my case I use here Chrome instead of Firefox), and go to the URL given in the mail: https://zimbra.mydomain.com/home/XXXXX@XXXXX.com/Docs
- Then Enter any login/password
- You get the 403 page. Nothing you can do, reloading the page make no difference....
Of course the obvious solution is to close the browser, or delete recent history, reload the page and the enter correct credentials, but some people are not aware of that, and shouldn't need to be...
I think Zimbra should return HTTP code 401 instead of 403 to tell the browser user was not authenticated.
Anyone having the same problem ? Any suggestions to solve the problem (I can not tell what i want to the users ;))?
Zimbra version: Release 6.0.8_GA_2661.UBUNTU8_64 UBUNTU8_64 NETWORK edition.
Zimbra shared briefcase problem
I am having the exact same problem. Something Zimbra is doing weird with the username and password when the wrong one is entered.
Also, depending on your IE version, and whether you have phishing filter on or off, you cannot just click on the link to the briefcase. It won't even ask for a username and password. Instead. the user must copy and paste the link into the IE address bar. This behavior was noticed with IE8 and phishing filter off.