Using Basic Authentication with Windows 7 and Windows Vista WebDAV Client

When developing Basic authentication and using Windows 7 & Vista as a WebDAV client note the following:

  • Windows 7 and Vista will fail to connect to the server using insecure Basic authentication. It will not even display any login dialog. Windows 7 and Vista requires SSL / HTTPS connection to be used with Basic. If you try to connect via Add Network Location Wizard you will get the following error: "The folder you entered does not appear to be valid. Please choose another". However, you still can connect if you set the following registry key on a client machine: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters\BasicAuthLevel to 2. The BasicAuthLevel can be set to the following values:
    • 0 - Basic authentication disabled
    • 1 - Basic authentication enabled for SSL shares only
    • 2 or greater - Basic authentication enabled for SSL shares and for non-SSL shares
  • Unlike Windows XP WebDAV client, Windows Vista may attach a machine or domain name to the username returned in Authorization header. It separates username and domain with a single ‘\’ symbol: DOMAIN\User. Make sure you extract the user name correctly from Authorization header.

Important! Microsoft Office 2010 requires secure SSL connection when used with Basic authentication. For a workaround please see this article:  You cannot open Office file types directly from a server that only supports Basic Authentication over a nonSSL connection with Office 2010 applications.