WebDAV Access to User Directories?

[legacyb4]

I’d like to provide WebDAV access to the “~user” directories for easy access to personal files. The File Explorer ftp client on Windoze is, needless to say, severly underpowered and I’m wondering if WebDAV gives me a little more flexibility.

Tried setting up another realm under the virtual host I want to set it under, but after mapping it to a user directory on the server and enabling Everyone:Browse, Owner:Author, it doesn’t let me create the realm.

Any clues?

[legacyb4]

Interesting, now I get the proper error message that:

The Folder entered for this realm is not within the site’s Web folder.

Please enter or select another folder that is part of the site’s web folder and try saving again.

Wonder why that didn’t come up earlier… is my only option creating a set of webroot/users/username directories and forgo the normal ~user directories?

Cheers.

[legacyb4]

Okay, I think I found a semi-acceptable solution.

I created a /shared subdirectory in the webroot and then the necessary /users within that.

I’ve created a specific realm for each user. I’ve disabled Everyone and added specifically user:browse/author and a guest account:browse.

This gives me a standard password-protected web directory that can only be accessed by the two accounts listed and only the author can mount the WebDAV enabled directory which is pretty close to the level of security I need.

It works perfectly in OS X (I can create, rename, copy, and delete files within the directory; however, from a Windows machine, I can only create, rename, delete new folders and only rename/delete existing files.

I get errors trying to copy stuff from a Windows machine with the following errors showing up in the log:

[b:b80c37b814]10.130.0.129 – – [27/Jan/2003:14:02:23 +0900] “HEAD /shared/user/test.txt HTTP/1.1” 401 0[/b:b80c37b814]

Any ideas why this might be?

Owner and group of the /user directory have been set to “www”.

[legacyb4]

Turns out that the server side setup was not the issue, but rather a client software issue…

On 2K, make sure you are patched and updated…

Go Windows! 😈

Cheers.

[legacyb4]

Been playing around with the WebDAV configuration a bit and wanted to run something by folks who are using it over HTTPS.

On a Windows server, I can create a single webroot, have a /webDAV directory physically located (or aliased, it doesn’t matter) inside the root and then force HTTPS access only to that particular directory.

So, basically I can get:

[list:84b99adc00][b:84b99adc00]virtual host settings: listening on port 80 and 443

/webroot/ (HTTP access okay)
/webroot/webDAV (HTTPS access only, HTTP denied)[/b:84b99adc00][/list:u:84b99adc00]

solely by the setting specified on the webDAV directory.

However, as it seems that with OS X Server, I need to create two virtual hosts in order to specify port 80 (HTTP) and port 443 (HTTPS). On top of that, if I want the webDAV directory to only be accessible by HTTPS, these physically have to reside in a separate webroot or else traffic can come in on regular HTTP anyway.

For example, creating two virtual hosts (one for HTTP, one for HTTPS) with the same webroot results in:

[list:84b99adc00][b:84b99adc00]http/https://www.domain.com

/webroot/webDAV (HTTPS access enabled)
/webroot/webDAV (HTTP access ALSO enabled)[/b:84b99adc00][/list:u:84b99adc00]

or, create two virtual hosts with two different webroots to isolate traffic:

[list:84b99adc00][b:84b99adc00]http://www.domain.com

/webroot01/directory01,02… (only HTTP traffic is accepted)

https://www.domain.com

/webroot02/webDAV (only HTTPS traffic is accepted)[/b:84b99adc00][/list:u:84b99adc00]

Is this the correct method of handling HTTPS-exclusive content?

Thanks in advance.

[Author]

Posts