You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@jackrabbit.apache.org by Norman Maurer <no...@apache.org> on 2010/07/01 13:59:03 UTC

Chroot webdav per user

Hi,

is it somehow possible to chroot to a dynamic node when a user login
via webdav ? For example I have the structure

/mailboxes/#mail/u/user1
/mailboxes/#mail/u/user2

When user1 logs in I would like to chroot to:
/mailboxes/#mail/u/user1

For user2:
/mailboxes/#mail/u/user1

So is this possible somehow ?

Thx,
Norman

Re: Chroot webdav per user

Posted by Norman Maurer <no...@apache.org>.

Hi Jukka,

 the idea was to let the user only see his own mailboxes via webdav,
whithout the need for him to know the exactly path.

Bye,
Norman


2010/7/2 Jukka Zitting <ju...@gmail.com>:
> Hi,
>
> On Thu, Jul 1, 2010 at 2:59 PM, Norman Maurer <no...@apache.org> wrote:
>> is it somehow possible to chroot to a dynamic node when a user login
>> via webdav ?
>
> Not by default.
>
> The easiest first approach to add a feature like this would probably
> be to add a custom Filter (or even a mod_rewrite rule if you're
> working behind an httpd proxy) that takes the authenticated username
> and uses that to redirect rewrite the request path. That'll however
> not work with requests like PROPFIND or COPY where resource paths are
> included in other places than just the request URI.
>
> A more complete solution would probably need to be built into the
> WebDAV handling code in Jackrabbit. You may want to file a feature
> request for that.
>
> On the other hand, is there a reason why you wouldn't want the
> per-user path included in the URI? Think of a normal Unix file system
> where all user homes are at /home/$user instead of at /, and access
> controls are used to manage read and write access to different parts
> of the system.
>
> BR,
>
> Jukka Zitting
>

Re: Chroot webdav per user

Posted by Jukka Zitting <ju...@gmail.com>.

Hi,

On Thu, Jul 1, 2010 at 2:59 PM, Norman Maurer <no...@apache.org> wrote:
> is it somehow possible to chroot to a dynamic node when a user login
> via webdav ?

Not by default.

The easiest first approach to add a feature like this would probably
be to add a custom Filter (or even a mod_rewrite rule if you're
working behind an httpd proxy) that takes the authenticated username
and uses that to redirect rewrite the request path. That'll however
not work with requests like PROPFIND or COPY where resource paths are
included in other places than just the request URI.

A more complete solution would probably need to be built into the
WebDAV handling code in Jackrabbit. You may want to file a feature
request for that.

On the other hand, is there a reason why you wouldn't want the
per-user path included in the URI? Think of a normal Unix file system
where all user homes are at /home/$user instead of at /, and access
controls are used to manage read and write access to different parts
of the system.

BR,

Jukka Zitting