This will avoid a “crossover” from the simple webserver to the WebDAV enabled “parts” of the webserver. The key here to understand is that the users “DocumentRoot” is not contained _within_ the main webserver DocumentRoot but resides “next” to it. Second, you have a set of aliases defined (and the corresponding Directory configurations which in turn set up the authentication for _each_ directory. First, you have a simple webserver with its DocumentRoot pointing to /serv//htdocs/. I hope I can resolve your issues/questions. Require user you could even push it one step further by creating complete VirtualHosts if you can setup subdomains with the name of each individual user so your users could access their WebDAV service using an URL like The snippets are best named as the corresponding user for which the WebDAV service is provided. In any case, if I had to set up WebDAV for 2200 users I would create a VirtualHost file and use the Apache2 Includedirective to include the 2200 snippets which can be automatically generated using a simple shell script and a template that replaces the actual user name and also creates the corresponding user directory.
After being authenticated and using a different URL I was prompted for a username and password (and thus had to reauthenticate with the correct credentials). I was unable to reproduce the behaviour you report using the setup described in my blog posting. To me, it looks as if that approach could actually work :)Ĭan you provide an example of your configuration? Progress: 100.0% of 1048576 bytes failed:Īnd then checking the file system using df:įilesystem Size Used Avail Use% Mounted on Uploading test2.img to `/user1/test2.img’: Using cadaver as client trying to upload all the 1MB image files: To check if it works as expected, 2 files with each 1MB in size have been created using dd: $ chown -R www-data:www-data /mnt/tmpfs/user1Īlso, have changed the and configuration items to point to /mnt/tmpfs/user1 $ mount -osize=2m tmpfs /mnt/tmpfs/user1 -t tmpfs
To demonstrate this, I have set up a temorary file system as show below: I know, hence the idea of a unique file system per user configuration item.Īlthough, as you correctly observe, all WebDAV users are basically www-data on the system it should still be possible to limit each WebDAV users file system usage by providing a dedicated file system for each configured WebDAV user. IndexOptions -IconsAreLinks NameWidth=* FancyIndexing SuppressLastModified FoldersFirst If you want to allow the user to access his WebDAV directory using an Internet browser you can add the following lines to the corresponding configuration item. ServerAdmin /serv//htdocs/ĮrrorLog /serv//logs/error.logĬustomLog /serv//logs/access.log combinedĪlias /user1 /serv//webdav/user1ĪuthUserFile /serv//auth/erĪlias /user2 /serv//webdav/user2Īlias /transfer /serv//webdav/transfer
In the following example, three WebDAV folders are configured, one for each user and a shared folder for all users.ĭAVLockDB /serv//auth/DAVLock
Additionaly, this frees up the which can provide further information on how to use the service.Īnd voilà, every user has his own WebDAV folder and can not see or access the folders of other users.
So I decided to move the WebDAV folders out of the DocumentRoot and providing an Alias, and configuration item for each folder and setting up access to that folder in the configuration item. This is obviously an undesirable behaviour. At first sight, this seemed to provide what was requested.Īfter some testing it showed this approach had a major security issue: If the user just accessed and authenticated successfully, the user was able to see and write to all available folders. My first approach was to set up the WebDAV folders within the DocumentRoot and hence only one configuration item was needed with multiple configuration items. After some extensive research I was unable to find any good hints on how to actually do this. Additionally, all users should be able to use a shared WebDAV folder.
I recently was requested to set up an apache webserver to provide WebDAV folders for multiple users with individual folders.