<html>
    <head>
      <base href="https://bugs.documentfoundation.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_UNCONFIRMED "
   title="UNCONFIRMED - LibreOffice should support Office Forms Based Authentication Protocol"
   href="https://bugs.documentfoundation.org/show_bug.cgi?id=136560">136560</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>LibreOffice should support Office Forms Based Authentication Protocol
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>LibreOffice
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>UNCONFIRMED
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>medium
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>framework
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>libreoffice-bugs@lists.freedesktop.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>mikko.lehtisalo@gmail.com
          </td>
        </tr></table>
      <p>
        <div>
        <pre>Description:
Apparently LibreOffice doesn't support OFBA. Support for it should be added
because it offers high usability for complex authentication setups. For example
OpenID identity provider can be used for WebDav, making proper popups for the
authentication.

See
<a href="https://docs.microsoft.com/en-us/openspecs/sharepoint_protocols/ms-ofba/30c7bbe9-b284-421f-b866-4e7ed4866027">https://docs.microsoft.com/en-us/openspecs/sharepoint_protocols/ms-ofba/30c7bbe9-b284-421f-b866-4e7ed4866027</a>
for the open specification.

Steps to Reproduce:
1. Open a document from webdav resource that utilizes OFBA


Actual Results:
1. Get an access denied error

Expected Results:
1. User accesses something like SharePoint Server, and opens a document.
2. Since gssapi/kerberos failed, the application falls back to OFBA.
3. OFBA popup asks local authentication (typically ADFS based openid provider)
4. Authentication cookie gets saved
5. Authentication to webdav succeeds based on the previous steps
6. ... 
7. Profit!


Reproducible: Always


User Profile Reset: No



Additional Info:
OFBA is the most common authentication setup for accessing and editing
documents while using Office 365 products in multitenant environments. It
really rocks.</pre>
        </div>
      </p>


      <hr>
      <span>You are receiving this mail because:</span>

      <ul>
          <li>You are the assignee for the bug.</li>
      </ul>
    </body>
</html>