stevepedwards.com/DebianAdmin linux mint IT admin tips info

WebDAV – Web based Distributed Authoring and Versioning – Digest Auth with HTTPS Access

Continuing on from the last Post, attempting access to the server via SSL (HTTPS) gives the Apache2 default page:

httpsdefault.png

Editing the "secure" sites file, you see the defaults:

vim /etc/apache2/sites-enabled/default-ssl.conf

<IfModule mod_ssl.c>

<VirtualHost _default_:443>

ServerAdmin webmaster@localhost

DocumentRoot /var/www/html

I'm creating a separate folder for this access for clarity.

sudo mkdir /var/www/DAV

The DAV directory needs to be owned by www-data so apache can handle the login, but in stevee group so it is writable remotely.

sudo chown -R www-data:stevee /var/www/DAV/

sudo chmod g+w /var/www/DAV/

ls -l /var/www/
total 24
drwxrwxr-x 2 www-data stevee 4096 Aug 4 12:29 DAV
-rwxr-xr-x 1 www-data www-data 12288 Aug 3 19:10 DavLock
drwxr-xr-x 2 www-data www-data 4096 Mar 18 17:19 html
-rw-r--r-- 1 www-data www-data 392 Jul 28 10:01 index.html
drwxr-xr-x 2 www-data www-data 4096 Aug 3 20:54 webdav

File locking can be enabled for the parent directory by adding the line at the very top of the default.ssl file:

DavLockDB /var/www/DavLock

Add the next lines to create the dav structure to the bottom of default.ssl similarly to before for HTTP:

Alias /DAV /var/www/DAV

<Directory /var/www/DAV>

DAV On

AuthType digest

AuthName "DAV"

AuthUserFile /etc/apache2/users.password

Require valid-user

</Directory>

</VirtualHost>

</IfModule>

create the password file - note the "realm" as the DAV folder:
stevee@hpmint ~ $ sudo htdigest -c /etc/apache2/users.password DAV stevee
Adding password for stevee in realm DAV.
New password:
Re-type new password:
stevee@hpmint ~ $ sudo vi /etc/apache2/users.password

stevee:DAV:bac792.......

stevee@hpmint ~ $ sudo service apache2 restart
* Restarting web server apache2 [ OK ]

Nautilus can utilise SSL with davs prefix but seems buggy via SSL - it corrupts files after transfer:

On the whole, I'm not impressed with this technology at all - in Mint at least - it is very slow compared to samba and the whole point of being able to edit in place while locking the file is not working - you get a local Save option if you edit a remote file with my particular config anyway..? As I won't ever be using this, I've lost interest in further experimentation.

A main functional aspect is to use browser platform independence for file access, but you can only view and download documents via the browser as far as I can tell, not use them to upload - not without plugins or other methods at least, but maybe I'm missing something in this setup?

Although Nautilus can upload files, it was disappointing via digest and SSL due to the corruption issue video above.

Cadaver cannot use HTTPS either - but if Nautilus connects why not?

cadaver https://192.168.1.5/DAV
Could not open collection:
SSL handshake failed: SSL error: A TLS warning alert has been received.
dav:/DAV/?

In both Chrome and Firefox browsers, text files are read automatically, not offered for download, which is also pointless as a default - whether set rw for group or not; http or https or not.

ls -l /var/www/webdav/
-rw-rw-r-- 1 www-data stevee 13470 Aug 3 19:11 Quals.odt
-rw-rw-r-- 1 www-data stevee 67 Aug 3 19:10 sample.txt

ls -l /var/www/DAV/
-rw-rw-r-- 1 www-data stevee 3342 Aug 4 12:35 badportsbig.txt

Also, the DAV lock line seems incorrect, as I can edit the same file from two different PCs. Suspect incorrect initial HowTo info I read for that - I would think it would need an actual DB to refer to somewhere...? Or it should be INSIDE the directory it is meant to refer to, not outside as in the default.ssl file...

Comments are closed.

Post Navigation