|
From: | Eric S. Johansson |
Subject: | [Gnu-arch-users] Re: webdav take 1 (digest version) |
Date: | Mon, 12 Apr 2004 11:05:43 -0400 |
User-agent: | Mozilla Thunderbird 0.5 (Windows/20040207) |
Eric S. Johansson wrote:
played around with it a bit this weekend and this morning. Here's what I have, collected from a few notes on the net plus my own experimentation:
btw, tested with cadaver. makes webdave look like ftp. here is potential digest auth changes.
# The top level DAV directory # Here we turn DAV on, allow web browser access, and enable only read# operations. The application realm name can be called anything that pertains to your application..# many of the configuration recipes did not have the combination of # an alias and directory. Obvious in hindsight but I will try to # be the last person to point fingers. Alias /test /var/webdav/test <Directory "/var/webdav/test"> # access/authorization. Have not had a chance to play with digest # mode yet. That is next on the list. # one note, many folks put this access control configuration inside of # .htaccess and it's probably reasonable in a system which # is ministered by someone other than you. We should probably to # improve this recipe to deny all access to .htaccess to minimize # the chances of being overridden. AllowOverride None
AuthType Digest AuthName "privaloo" AuthDigestDomain /test AuthDigestFile /var/webdav/users-digest
DAV On Order allow,deny # I think I have one more allow them is truly necessary. The second # item 1 experimentation list. The options for indices and follow # symlinks are useful if you want to provide ordinary HTTP access to # this segment of the file system Allow from all Options Indexes FollowSymLinks # what to allow and when. the only variation I can suggest for this # is to add a require valid-user in order to restrict read access # as well <Limit HEAD GET POST OPTIONS PROPFIND> Allow from all </Limit> <Limit MKCOL PUT DELETE LOCK UNLOCK COPY MOVE PROPPATCH> Allow from all require valid-user </Limit> </Directory>
[Prev in Thread] | Current Thread | [Next in Thread] |