tags:

views:

1400

answers:

2
Q: 

How do I read/write as the authenticated user with Apache/WebDAV?

I've set up DAV in apache2, which works great. The thing is, all read/write operations are done with the apache user's credentials. Instead I want to use the HTTP authenticated user's credentials. If I authenticate as "john", all read and write operations should use the system user john's credentials (from /etc/passwd). suEXEC seems like overkill since I am not executing anything, but I might be wrong...

Here's the current configuration:

<VirtualHost *:80>
        DocumentRoot /var/www/webdav
        ServerName webdav.mydomain.com
        ServerAdmin [email protected]

       <Location "/">
               DAV On
               AuthType Basic
               AuthName "WebDAV Restricted"
               AuthUserFile /etc/apache2/extra/webdav-passwords
               require valid-user

               Options +Indexes
       </Location>
        DAVLockDB /var/lib/dav/lockdb

        ErrorLog /var/log/apache2/webdav-error.log
        TransferLog /var/log/apache2/webdav-access.log
</VirtualHost>
+2  A: 

Shot answer, and as far as I know: you don't.

Long answer: it is possible to implement such a feature with an appropriate mpm, and there were various attempts to do so, but they don't seem to be very actively supported, and are at least not in the mainline Apache codebase.

peruser:

Q. Is peruser ready for production use?

A. In general, no.

perchild:

This module is not functional. Development of this module is not complete and is not currently active. Do not use perchild unless you are a programmer willing to help fix it.

That's too bad, really; most uses of WebDav I've seen store ownership information at the application layer, in the database, anyway. The consensus for doing file sharing is to use Samba instead; and that's not really a solution, I admit.

niXar  2008-09-22 11:07:54
+1  A: 

We have been using davenport (http://davenport.sourceforge.net/) for years to provide access to Windows/samba shares over webdav. Samba/Windows gives a lot of control over this sort of thing, and the Davenport just makes it usable over the web over SSL without a VPN

Mark Porter  2009-07-10 19:45:02

related questions

How do I add a MIME type to .htaccess?
Difference between the Apache HTTP Server and Apache Tomcat?
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Cleanest & Fastest server setup for Django
Installing Apache Web Server on 64 Bit Mac
Running Apache alongside another web server?
Algorithm behind MD5Crypt
Can you compile Apache HTTP Server and redeploy its binaries to a different location ?
mod_rewrite rule to redirect all requests except for one specific path
How do I create a self signed SSL certificate to use while testing a web app.
Software for Webserver Log Analysis?
What is the difference between an endpoint, a service, and a port when working with webservices?
What are the proper permissions for an upload folder with PHP/Apache?
mod_rewrite to alias one file suffix type to another
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
User authentication on Resin webserver
How do you set up Python scripts to work in Apache 2.0?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP