You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@jackrabbit.apache.org by Norman Maurer <no...@apache.org> on 2010/07/01 13:59:03 UTC
Chroot webdav per user
Hi,
is it somehow possible to chroot to a dynamic node when a user login
via webdav ? For example I have the structure
/mailboxes/#mail/u/user1
/mailboxes/#mail/u/user2
When user1 logs in I would like to chroot to:
/mailboxes/#mail/u/user1
For user2:
/mailboxes/#mail/u/user1
So is this possible somehow ?
Thx,
Norman
Re: Chroot webdav per user
Posted by Norman Maurer <no...@apache.org>.
Hi Jukka,
the idea was to let the user only see his own mailboxes via webdav,
whithout the need for him to know the exactly path.
Bye,
Norman
2010/7/2 Jukka Zitting <ju...@gmail.com>:
> Hi,
>
> On Thu, Jul 1, 2010 at 2:59 PM, Norman Maurer <no...@apache.org> wrote:
>> is it somehow possible to chroot to a dynamic node when a user login
>> via webdav ?
>
> Not by default.
>
> The easiest first approach to add a feature like this would probably
> be to add a custom Filter (or even a mod_rewrite rule if you're
> working behind an httpd proxy) that takes the authenticated username
> and uses that to redirect rewrite the request path. That'll however
> not work with requests like PROPFIND or COPY where resource paths are
> included in other places than just the request URI.
>
> A more complete solution would probably need to be built into the
> WebDAV handling code in Jackrabbit. You may want to file a feature
> request for that.
>
> On the other hand, is there a reason why you wouldn't want the
> per-user path included in the URI? Think of a normal Unix file system
> where all user homes are at /home/$user instead of at /, and access
> controls are used to manage read and write access to different parts
> of the system.
>
> BR,
>
> Jukka Zitting
>
Re: Chroot webdav per user
Posted by Jukka Zitting <ju...@gmail.com>.
Hi,
On Thu, Jul 1, 2010 at 2:59 PM, Norman Maurer <no...@apache.org> wrote:
> is it somehow possible to chroot to a dynamic node when a user login
> via webdav ?
Not by default.
The easiest first approach to add a feature like this would probably
be to add a custom Filter (or even a mod_rewrite rule if you're
working behind an httpd proxy) that takes the authenticated username
and uses that to redirect rewrite the request path. That'll however
not work with requests like PROPFIND or COPY where resource paths are
included in other places than just the request URI.
A more complete solution would probably need to be built into the
WebDAV handling code in Jackrabbit. You may want to file a feature
request for that.
On the other hand, is there a reason why you wouldn't want the
per-user path included in the URI? Think of a normal Unix file system
where all user homes are at /home/$user instead of at /, and access
controls are used to manage read and write access to different parts
of the system.
BR,
Jukka Zitting