New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !

WebDAV support

Good ideas? Share with us!
Ubi
Posts: 1549
Joined: 17 Jul 2007, 09:01

Re: WebDAV support

Post by Ubi »

giving apache access to your shadow file sounds like a bad idea.
The only proper solution I can think of is PAM, but that's not very easy.
gb119
Posts: 18
Joined: 30 Sep 2008, 16:45

Re: WebDAV support

Post by gb119 »

Even with PAM you still need the webserver process to be abce to read /etc /shadow if you are using local files based authentication. You could configure PAM to use LDAP and oo alc authentication that wayic
amishorn
Posts: 21
Joined: 29 Feb 2012, 12:32
Location: Switzerland

Re: WebDAV support

Post by amishorn »

Hi @ all

I have as well an issue with webdav access...
Previously I did all as mentioned above and it actually also woks fine, however, if I call my B3 and log in with e.g. User1, then I am not able to see the folder of FolderUser1 even if User1 itself is the owner of this folder. The corresponding folder FolderUser1 has the following configuration:

drwxr-x--- 6 User1 users 4096 Date FolderUser1

Can anybody tell me what the problem might be?

Thanks a lot for all hints...

Regards
Aimless
nobody
Posts: 226
Joined: 10 Mar 2012, 14:46

Re: WebDAV support

Post by nobody »

If you cannot see the folde, the prolem is not with the permission of that folder, but with the permissions of the parent folder!
amishorn
Posts: 21
Joined: 29 Feb 2012, 12:32
Location: Switzerland

Re: WebDAV support

Post by amishorn »

Thank you very much for your quick reply.
I checked your hint and had to realize that the parent folder is the "home" folder. That means that the path of the FolderUser1 is like following:

/home/FolderUser1/

And here is already my next question:
Since the group to which the home folder belongs is the root group I have actually to add the user User1 to the root group in order to give access rights to the user User1. Is it then legitimate that each user is a member of root group only to have access to the home folder? Or belongs the home folder usually not to the root group?

Thanks again for your reply.

Regards
amishorn
nobody
Posts: 226
Joined: 10 Mar 2012, 14:46

Re: WebDAV support

Post by nobody »

Do not add regular users to the root group. That is a really bad idea!
Instead, change the group for /home into the users group or a special, new group, and then add the user1 to that group.
amishorn
Posts: 21
Joined: 29 Feb 2012, 12:32
Location: Switzerland

Re: WebDAV support

Post by amishorn »

Hi,

thanks again for your reply. I configured my B3 as you adviced.
However, on my work we use Win7, which wanna be super secure and does not accept the AuthType Basic, why I am not able to connect to the B3 with a webfolder/netdrive. Do you know how to configure the B3 for the AuthType Digest? May you probably make an example as gb119 did for the basic type on the first page?
I already checked the apache page as well as the iNet, but I don't understand the instructions especially as it is always mentioned that the httpd.conf has to be changed instead of the file /etc/apache2/sites-enabled/bubba ...

I would also be apreciate about a hint where I can find further documentation about webdav.

Regards,
Amishorn
nobody
Posts: 226
Joined: 10 Mar 2012, 14:46

Re: WebDAV support

Post by nobody »

I think you can change teh registry to make it work with authtype basic

http://www.anyspeak.org/?p=137
amishorn
Posts: 21
Joined: 29 Feb 2012, 12:32
Location: Switzerland

Re: WebDAV support

Post by amishorn »

Hi,

again I'm struggling with access rights and I'm just not familiar enough with the apache configuration, i.e. the documentation and examples on the net makes me more confusing than it helps. Hence, I hope one more for help from this forum...

I have several users registered on my bubba and a few are members of the group exmpGroup. A subdomain points to a public folder "/home/web/public/" that should be accessible for all users of the group exmpGroup. Further, I use WebDAV that the folder is accessible through the common http protocol. My current configurations are as follow:

Code: Select all

<Directory />
    DAV on
    AuthPAM_Enabled on
    AuthType Basic
    AuthBasicAuthoritative Off
    AuthName "PAM"
    require valid-user
    require group exmpGroup
    AuthGroupFile /etc/group
    AuthUserFile /etc/passwd
</Directory>
With this configuration, indeed, the caller is requested to enter credentials, however, no user have access. No matter if it is a member of exmpGroup or not. Can anybody explain me what I missed or how I have to change the configuration, so that the access is restricted only to members of the group exmpGroup?

Thanks very much in advance.

/amishorn
Gordon
Posts: 1461
Joined: 10 Aug 2011, 03:18

Re: WebDAV support

Post by Gordon »

You probably still need lines like these:

For apache 2.2:

Code: Select all

Order allow,deny
allow from all
For apache 2.4+

Code: Select all

Require all granted
amishorn
Posts: 21
Joined: 29 Feb 2012, 12:32
Location: Switzerland

Re: WebDAV support

Post by amishorn »

Well, although I appended this lines within the same <Directory /> block, it didn't lead me to the desired log-in behaviour. It is still the same as before. Nobody, independent of the belonging group, is able to log in.

Any additional input? Does the order of all this apache configurations have any impact? Does it depend on the owner and the group of the folder .../public, i.e. must the owner be www-data?

/amishorn
Post Reply