dav-server | A convenient WebDAV file server | File Utils library

I would like to figure out how to make an ajax call to a baikal server to do GET, POST, OPTIONS, PROPFIND, PROPPATCH, REPORT, PUT, MOVE, DELETE, LOCK, UNLOCK

I have used this code here and got it working but I think I just don't know how to do a proper ajax call.

I make the call inside the same domain to avoid cross-domain issues for now. I have used CalDavZAP before and I can see they make a call using ajax but I just can't get it working even after looking at their code.

I have tried

i have a scenario running with an own CALDAV-server and CALDAV-clients like (iOS-calendar, mac-Calendar, Android sync adapter, Thunderbird/Lightning, Outlook Sync, ...)

The authentication so far works via basic auth (https and the "Authentication"-Header). The CALDAV-clients store the user/password in their configuration.

So far so good, but the issue comes now once the password of the user/account either gets changed, reset, expired, etc. The server has a restrictive password policy enforced, which locks the account after x failed attempts (e.g. 10).

What is happening now obviously is, that once the CALDAV-client configuration was not updated it continues to use an old password.

The server responds with an 401 not authorized - ok, thats fine apparently again.

But the Clients still continue to use the outdated password. It would be nicer to stop polling and present the user with a dialog that his credentials are not valid anymore. But the clients are out of my control so nothing can be directly done here.

The result: after 2-3 iterations (as most clients tries multiple request in one sync iteration) the account on the server of the user is locked due to too many failed login attempts.

That is not nice. The issue seems to be generic and known as "stale passwords". A solution could only be a better client handling (out of scope here) or a oAuth-token handling. But i was not able to find anything that standard CALDAV-clients supports this. Only google calendar seems to enforce an oAuth2 authorization before allowing CALDAV communication.

So the question is, is there a good way to improve the bad experience of locked accounts? Some special 401 response which tells the clients to forget the password or not using it again?

constructive feedback highly welcome.

Edit: for macOS and ios calendar i found a strange behavior (bug) causing and/or enforcing the described situation. A standard 401 response will cause the clients to bring up the password dialog as expected and described above. The clients stop polling until a new password is entered - as desired. In my case the 401 response body contained an inline base 64 image (img src="data..."): This doesnt lead to a password renewal dialog! Just a "something goes wrong" error state. The clients are continuing to poll! Locking the accounts after some tries ;( A solution for this problem than will be to remove the inline image but for me it sounds like a bug that an inline image in the 401 response provokes a different behavior on the client.

I have a script that uploads a file to a WebDav server using curl.

i have centos 6.9 server which need to upgrade php current version is 5.6

before go remove I try rpm -qa | grep php and the result is this

so i think remove all of this will direct affect system yum remove cpanel-php56*

I'm going to use php70 source installation

could you guys help me which packages should I remove before install php7 and will there be any chance's to install php 7 with out remove all of those packages