You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Morten <li...@kikobu.com> on 2004/12/20 22:21:35 UTC
[users@httpd] Making a robust DAV server deployment in an MS world
Hi,
I'm currently planning the setup of an Apache2 WebDAV server. I will be
running multiple projects, ie. have folders like:
/dav/project01/
/dav/project02/
There will be authentication and authorization so project01 members
cannot see project02 files and so on. All access will be via https.
I'm a bit insecure if mod_dav (or DAV in general) is robust enough,
particularly after reading the following in the SVN book:
--
Please note that Windows XP without the servicepack 1 will lead to bogus
network data and could therefore corrupt your repository!
--
Is there any way I can control/limit what DAV clients get used? I know
that this is not a mod_dav issue per se, but I cannot use a solution
where a bad client in project01 takes down the entire DAV repository.
What do you guys do with respect to the broken MS clients? (I'm also
thinking other issues like those adressed in mod_auth_msfix)
Any insight (and caveats) much appreciated.
Thanks,
Morten
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Re: Making a robust DAV server deployment in an
MS world
Posted by "John P. Dodge" <do...@cruciate.ca.boeing.com>.
On Tue, 21 Dec 2004, Morten wrote:
> Hi,
>
> > dav though Apache, but I think it only runs on 1.3 right now. What kind
> > of clients are you expecting to be using? I would expect that any client
> > can be treated like a browser and special rules applied one way or
> > another. Even if it comes down to a mod_rewrite sort of thing you should
> > be able to do it.
>
> I was hoping to be able to allow MS WebFolders as clients. When I try to
> connect using WebFolders, I get rejected because WebFolders strips the
> trailing slash (ie. /my/dav/ becomes /my/dav) and Apache sendes a 301
> redirect to /my/dav/ which breaks WebFolders. I fixed that for now using
> a ProxyPass. Next problem, WebFolders tries to execute "something" (FP
> extension supposedly), and as it fails with a 404, WebFolders refuses to
> connect to the DAV repository:
>
> "GET /_vti_inf.html HTTP/1.1" 404 323
> "POST /_vti_bin/shtml.exe/_vti_rpc HTTP/1.1" 404 337
>
> Does a workaround for this exist? I just tried Slide as DAV server and
> it appears to handle these "special" cases, so I'm hoping that someone
> somewhere has something similar for mod_dav.
>
> Any input much appreciated,
>
> Morten
>
MS WebFolders always attempts an FP connection first and then reverts to a
DAV connection. You should see "OPTIONS" of "PROPFIND" method calls in
your access file after these FP GET requests.
----------------------------------------
"Mon aƩroglisseur est plein d'anguilles"
John P. Dodge
Boeing Shared Services
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Making a robust DAV server deployment in an MS world
Posted by Morten <li...@kikobu.com>.
Hi,
> dav though Apache, but I think it only runs on 1.3 right now. What kind
> of clients are you expecting to be using? I would expect that any client
> can be treated like a browser and special rules applied one way or
> another. Even if it comes down to a mod_rewrite sort of thing you should
> be able to do it.
I was hoping to be able to allow MS WebFolders as clients. When I try to
connect using WebFolders, I get rejected because WebFolders strips the
trailing slash (ie. /my/dav/ becomes /my/dav) and Apache sendes a 301
redirect to /my/dav/ which breaks WebFolders. I fixed that for now using
a ProxyPass. Next problem, WebFolders tries to execute "something" (FP
extension supposedly), and as it fails with a 404, WebFolders refuses to
connect to the DAV repository:
"GET /_vti_inf.html HTTP/1.1" 404 323
"POST /_vti_bin/shtml.exe/_vti_rpc HTTP/1.1" 404 337
Does a workaround for this exist? I just tried Slide as DAV server and
it appears to handle these "special" cases, so I'm hoping that someone
somewhere has something similar for mod_dav.
Any input much appreciated,
Morten
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Making a robust DAV server deployment in an MS world
Posted by Dick Davies <ra...@hellooperator.net>.
* Eric <ef...@kwinternet.com> [1237 22:37]:
> Hi,
>
> I am curious about your post. We are looking into using Subversion combined
> with Dreamweaver to manage our mess. Subversion supports web dav though
> Apache, but I think it only runs on 1.3 right now.
mod_dav_svn needs apache 2.0
(though I didn't know dreamweaver had svn support, thought it was just DAV?
So I could be wrong..)
> My only real concern is security, the ease of use of web dav makes me
> nervous since we are looking to use it on the Internet, not just on our
> local network.
You might have to rethink your plan, I'm afraid.
Last time I checked, Dreamweaver couldn't do webdav over SSL.
--
'Everybody's a jerk. You, me, this jerk.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Making a robust DAV server deployment in an
MS world
Posted by Eric <ef...@kwinternet.com>.
Hi,
I am curious about your post. We are looking into using Subversion combined
with Dreamweaver to manage our mess. Subversion supports web dav though
Apache, but I think it only runs on 1.3 right now. What kind of clients are
you expecting to be using? I would expect that any client can be treated
like a browser and special rules applied one way or another. Even if it
comes down to a mod_rewrite sort of thing you should be able to do it.
My only real concern is security, the ease of use of web dav makes me
nervous since we are looking to use it on the Internet, not just on our
local network.
Thanks,
Eric
At 01:21 PM 12/20/2004, Morten wrote:
>Hi,
>
>I'm currently planning the setup of an Apache2 WebDAV server. I will be
>running multiple projects, ie. have folders like:
>
>/dav/project01/
>/dav/project02/
>
>There will be authentication and authorization so project01 members cannot
>see project02 files and so on. All access will be via https.
>
>I'm a bit insecure if mod_dav (or DAV in general) is robust enough,
>particularly after reading the following in the SVN book:
>
>--
>Please note that Windows XP without the servicepack 1 will lead to bogus
>network data and could therefore corrupt your repository!
>--
>
>Is there any way I can control/limit what DAV clients get used? I know
>that this is not a mod_dav issue per se, but I cannot use a solution where
>a bad client in project01 takes down the entire DAV repository. What do
>you guys do with respect to the broken MS clients? (I'm also thinking
>other issues like those adressed in mod_auth_msfix)
>
>Any insight (and caveats) much appreciated.
>
>Thanks,
>
>Morten
>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
Lead Programmer
D.M. Contact Management
250.383.8267 ext 229
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org