(c) 2002 Tero Karvinen - All Rights Reserved
Webdav passwords, Basic authentication
# luit nano -w /etc/httpd/conf/httpd.conf
Dav On
AuthType Basic
AuthName DAV
AuthUserFile /home/files/.htpasswd
require valid-user
# /etc/init.d/httpd restart
files$ htpasswd -c /home/files/.htpasswd tee
New password: TestiSaleSana3
tee$ cadaver http://localhost/~files
Authentication required for DAV on server `localhost':
Username:
=> Basic authentication works.
http://httpd.apache.org/docs-2.0/mod/mod_dav.html
http://httpd.apache.org/docs-2.0/howto/auth.html#lettingmorethanonepersonin
WebDav passwords, Digest authentication
- All webdav clients must support Digest authentication (rfc)
- Server must not allow Basic authentication without SSL (rfc)
# luit nano /etc/httpd/conf/httpd.conf
Dav On
AuthType Digest
AuthName dav
AuthDigestDomain /home/files/public_html/
AuthdigestFile /home/files/.digest_passwd
require valid-user
# /etc/init.d/httpd restart
files$ htdigest -c .digest_passwd dav tee # -c to create new file
Adding password for tee in realm dav.
New password: saL-ais..s
Re-type new password:
tee$ mozilla # http://localhost/~files
Digest Authentication notes:
- testing with ethereal, Digest authentication works. Password is
encrypted and cannot be seen, username is sent clear:
Authorization: Digest username="tee", realm="dav",
nonce="GR/i4p62AwA=0f3a58fa1452e3ade398176d40f01434c4eae3ed",
uri="/~files/", response="fe39d8e3dfd9d0278a0904885910ac73",
algorithm="MD5"
- Linking bypasses both Basic and Digest authentication
- Avoid: ln -s /home/wasSecure /var/www/html/unsecure # dangerous
- Now accessing localhost/unsecure does not ask for password
Mozilla WebDav
$ mozilla &
http://localhost/~files
click test.txt
File: Edit Page
(Mozilla Composer opens)
Type some text"This is a test file"
Publish
Enter user name and password when prompted
File is modified in server, then Mozilla says "Publishing completed"
(Back in Mozilla browser)
Reload the page, and you can see your changes
(if the page was originally plain text, it still is)
apache ssl 128 bit only
# luit nano /etc/httpd/conf/httpd.conf
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html
apt-get install mod_dav cadaver
mkdir /var/www/html/upload
pico /etc/httpd/conf/httpd.conf
DAVLockDB /tmp/ApacheDavLock
Dav On
$ cadaver localhost/upload
Looking up hostname... Connecting to server... connected.
Connecting to server... connected.
dav:/upload/> put somedoc.txt
Uploading kvakone.txt to `/upload/kvakone.txt': (reconnecting...done)
Progress: [=============================>] 100.0% of 732 bytes succeeded.
dav:/upload/> exit
Connection to `localhost' closed.
Make hole in firewall (https 443)
Win98
Add web folder (remember to type full path or get weird error)
https://mymachine.org/files
Files can not be used directly, they must be copied to local filesystem for
use. Office2000 supports WebDav upload/download.
$ cadaver http://localhost/~tee/dav/
dav:/~tee/dav/> ls
Listing collection `/~tee/dav/': collection is empty.
dav:/~tee/dav/> Terminated by signal 2.
Connection to `localhost' closed.
$ cadaver http://localhost/~tee/
Could not access /~tee/ (not WebDAV-enabled?):
405 Method Not Allowed
Connection to `localhost' closed.
dav:!> quit
=> WebDAV is enabled in ~tee/dav/, but not in ~tee/
Dav works with cadaver when chmod a+rwx dav dir and limit put allow for all
$ cadaver http://localhost/~tee/dav
dav:/~tee/dav/> put dav.txt
Uploading dav.txt to `/~tee/dav/dav.txt':
Progress: [=============================>] 100.0% of 257 bytes succeeded.
dav:/~tee/dav/>
-
WebDAV with Mozilla
mozilla http://localhost/~tee/dav/asdf
mozilla -edit
publish
- Settings
- Publishing addr & http addr: http://localhost/~tee/dav/
- Filename: asdf
Click Publish
It works!
WebDav
- Apache 2.0 contains mod_dav, mod_auth_digest and mod_auth_ldap
http://httpd.apache.org/docs-2.0/mod/mod_dav.html
# adduser files
# luit nano /etc/httpd.conf
Dav On
# /etc/init.d/httpd restart
(In RedHat 8.0, modules mod_dav and mod_davfs are loaded and DavLockDB
set out-of-the-box. )
as user "files":
$ mkdir public_html
$ chmod a+x ~ ~/public_html (the default permissions for web)
$ chmod a+w ~/public_html (user apache needs write for upload)
as any other user:
$ echo "Testing" > test.txt
$ cadaver https://localhost/~files/
> put test.txt
Uploading somefile.txt to `/~files/test.txt':
Progress: [=============================>] 100.0% of 192 bytes succeeded.
> quit
=> Webdav works in linux-linux, without authentication