Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO (v1.06): Creating a WebDAV server with apache2
View unanswered posts
View posts from last 24 hours

Goto page 1, 2  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Wed May 18, 2005 10:25 am    Post subject: HOWTO (v1.06): Creating a WebDAV server with apache2 Reply with quote

Introduction: Why WebDAV?

I needed a way to share information (both read and write) as easy as possible with friends in a quite restricted environment (firewall). In many cases, WebDAV which uses standard HTTP port 80 for comunication is a good solution for a file server application.

Clarification: Note that even so a web server is used to host the WebDAV protocol, client access is normally not done via a web browser. A special WebDAV client is required. Fortunately Gnome, KDE, Windows 2000+XP and Mac OS X all include WebDAV clients. Once this client is correctly configured, explorer/finder/nautilus/konqueror can be used to browse files comfortably. See the "Testing" section below to learn how to configure a WebDAV client.

I am going to use apache-2.0.54-r5 in this howto for setup of the DAV server.

Some house-cleaning

You can skip this chapter, if apache is already installed on you system.

If your system (like mine) is a bit older, chances are that your harddisk is cluttered with different versions of apache config files which have been moved around quite a bit. If you experience problems like apache segfaulting, configs are not where they are supposed to be etc., go for a fresh installation (after backing up whatever you want to keep). It is a good idea to do a

Code:
emerge -uD world

first, then:

Code:
emerge unmerge apache
rm -Rf /var/www
rm -Rf /etc/apache2
rm /etc/conf.d/apache2
rm /etc/init.d/apache2
emerge apache
mkdir -p /var/www/localhost/htdocs

Now put a smal test http document index.html into /var/www/localhost/htdocs (assuming this is still your standard web space configured in httpd.conf):

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My WebDAV server</title>
</head>
<body>
Hello, world!
</body>
</html>

Now start the server:

Code:
rc-update add apache2 default
/etc/init.d/apache2 start

At this point you should be able to test this page with a standard browser.

Setting up apache2 for WebDAV

Edit /etc/conf.d/apache2 to make sure the dav modules are loaded:

Code:
APACHE2_OPTS="-D DAV -D DAV_FS"

Now create a repository you want to share (/var/dav/mydavserver) and a place for the lock file lockdb (/var/lib/dav/):

Code:
mkdir -p /var/dav/mydavserver
chown -R apache:apache /var/dav

mkdir -p /var/lib/dav
chown -R apache:apache /var/lib/dav

and create user account(s)

For the first user use:
Code:
htpasswd2 -c /var/dav/.davpasswd mydavuser

The -c option creates (or truncates if already existing) the file .davpasswd.

For additional users (existing file .davpasswd) use:
Code:
htpasswd2 /var/dav/.davpasswd mydavuser

(no -c option!)

Now the DAV module needs to be configured. Change the following in /etc/apache2/modules.d/45_mod_dav.conf:
Code:
<IfDefine DAV>
  <IfModule !mod_dav.c>
    LoadModule dav_module    modules/mod_dav.so
  </IfModule>
</IfDefine>

<IfDefine DAV_FS>
  <IfModule !mod_dav_fs.c>
    LoadModule dav_fs_module   modules/mod_dav_fs.so
  </IfModule>
</IfDefine>

<IfModule mod_dav.c>

    Alias /mydavserver /var/dav/mydavserver
    DavMinTimeout 600
        <Location /mydavserver>
                Options None
                Dav On
                <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
                        AuthType Basic
                        AuthName "WebDAV Restricted Repository"
                        AuthUserFile /var/dav/.davpasswd
                        Require valid-user
                </Limit>
        </Location>

</IfModule>

<IfModule mod_dav_fs.c>

    # Location of the WebDAV lock database.
    DavLockDB /var/lib/dav/lockdb

</IfModule>

If you want to allow standard web browser read access without authentication, remove the "GET" from the LIMIT statement above.

Testing

Testing a WebDAV repository from Windows

* Do not use internet explorer or any other web browser for this test.
* Double click the "Network" icon and select "Add network place". This starts the "Add network place wizzard". Select "Chose another network location" (we don't want MSN ;-) ) and enter http://www.mydomain.com/mydavserver or https://www.mydomain.com/mydavserver if you followed the SSL installation.
* This should bring up a login box with an info text we configured in 45_mod_dav.conf, "WebDAV Restricted Repository" in our example. Once you see this text, you verified, that WevDAV is active.
* Now enter the account created with htpasswd2 and you should see your WebDAV directory with Windows explorer. This should work with Windows 2000 and Windows XP (or 2003 Server).
* According to autarkeia, Windows XP sometimes seems to require a portnumer :80 so try: http://www.mydomain.com:80/mydavserver to correctly access web dav repositories.

Testing a WebDAV repository from Mac OS X Tiger

* Do not use any web browser for this test.
* Start Finder, select menu "GO" option "Connect to server".
* enter http://www.mydomain.com/mydavserver or https://www.mydomain.com/mydavserver if you followed the SSL installation.
* This should bring up a box "WebDAV file system authentication" with information about the URL and realm. The realm again should be exactly what was configured in 45_mod_dav.conf, "WebDAV Restricted Repository" in our example. Once you see this text, you verified, that WevDAV is active.
* Now enter the account created with htpasswd2 and you should see your WebDAV directory. I tested with Mac OS X 10.4.1.

Testing a WebDAV repository from Gnome

* Do not use web browser functionality for this test.
* Start nautilus, select menu "File", option "Connect to server". Select Service type "WebDAV (Http)" or "Secure WevDAV (HTTP)" if you used SSL.
* Enter www.mydomain.com/mydavserver. This shows a login box ttp://www.mydomain.com/WebDAV Restricted Repository. Note the text configured in 45_mod_dav.conf.
* Now enter the account created with htpasswd2 and you should see your WebDAV directory.

Adding more security

Additionally, SSL can be used to encrypt the client server communication. I will use a certificate generated for free at cacert.org (inspired by a CACERT howto on gentoo-wiki.org).

Go to www.cacert.org to create a free account. Validate your domain mydomain.com which is required to generate a certificate for a server myserver.mydomain.com.

Then generate a certificate request that can be given to cacert.org:
Code:
cd /etc/apache2/ssl
openssl genrsa -out myserver.mydomain.com.key 1024
openssl req -new -key myserver.mydomain.com.key -out myserver.mydomain.com.csr

The second openssl command will ask a number of questions, only "Common Name" is important and should be myserver.mydomain.com. Otherwise cacert wont certify.

Now create a server certificate on cacert.org using the created *.csr file and copy the resulting information into a file myserver.mydomain.com.crt.

Now we need to configure apache. First make sure the SSL module is loaded too, edit /etc/conf.d/apache2 and add the -D SSL:

Code:
APACHE2_OPTS="-D SSL -D DAV -D DAV_FS"

the customize /etc/apache2/modules.d/41_mod_ssl.default-vhost.conf:

Code:
SSLCertificateFile conf/ssl/myserver.mydomain.com.crt
SSLCertificateKeyFile conf/ssl/myserver.mydomain.com.key

Now you can create secure connections from clients by using the connection secure HTTPS URL:

https://myserver.mydomain.com/mydavserver

If you want to allow only SSL access, add (as niltonvolpato pointed out) a SSLRequireSSL into the <Location> section:

Code:
<Location /mydavserver>
    SSLRequireSSL
    ...
</Location>


Trouble shooting

I'll try to list a few reasons for the 403 forbidden error.
* First of all, a normal web browser will not list a web dav directory, instead you get this forbidden error. Make sure you are actually using a webdav client to access your server and not a web browser. See the testing chapter in the FAQ how build-in webdav clients are used for different client operating systems. Additionally a web browser can be used to access a single file, so entering the webdav-url + file-name should work too.

If you get messages like: "client denied by server configuration: /var/dav/svn", try:
* In some configurations of apache config (httpd.conf) inherited permissions deny access. Adding:
Code:

        ...
        AllowOverride None
        Order allow,deny
        Allow from all
    </Location>

to our Location directive in 45_mod_dav.conf should fix that.

* Make sure, your webdav repository has group and owner of the username of apache server (ususally 'apache')

* Double check the account creation via htpasswd2 (cat /var/dav/.davpasswd and verify that all required user account are there.)

* Check the apache configuration in 45_mod_dav.conf

* Check the logs (/var/log/apache)

* Verify that standard web functionality is working (e.g. using the small test html file created above.)

* If connecting from Windows XP fails, try to add a port number :80 into the connection URL: http://www.mydomain.com:80/mydavserver this seems to be a work around for some XP issues.

Credits

This got me started:

http://forums.gentoo.org/viewtopic-t-259786-highlight-moddav+howto.html
http://gentoo-wiki.com/HOWTO_cacert.org_SSL_certificates

Further information

http://httpd.apache.org/docs-2.0/mod/mod_dav.html

History

2005-06-04: v1.01: Some beautification, no essential changes.
2005-06-04: v1.02: clarification on usage of htpasswd2
2005-06-16: v1.03: Expanded testing section and created troubleshooting section
2005-07-03: v1.04: Added tip for connecting from Windows XP using port number :80
2005-08-03: v1.05: Fix for access-denied because of inherited permissions added
2005-08-11: v1.06: Tip for ssl-only access to WebDAV added, SSLRequireSSL


Last edited by Pergamon on Thu Aug 11, 2005 11:55 am; edited 11 times in total
Back to top
View user's profile Send private message
gtaluvit
Tux's lil' helper
Tux's lil' helper


Joined: 09 Aug 2003
Posts: 135
Location: Columbia, MD

PostPosted: Fri May 20, 2005 10:08 pm    Post subject: Reply with quote

You may also want to add, that if you are using authentication, not using SSL, and trying to connect with WindowsXP, that you have to either specify the port in Add Network Places, or use a # on the end of your folder. So:

Code:

http://myserver:80/myfolder
http://myserver/myfolder/#


If you see Microsoft-WebDAV-MiniRedir accesses in your access logs with PROPFIND 401 500's, or you keep trying to connect and WinXP keeps throwing the domain name infront of your username, that's why. You want to see Microsoft Data Access Internet Publishing Provider DAV 1.1 instead which will connect correctly.
_________________
I'm out of bed and dressed, what more do you want?
Back to top
View user's profile Send private message
mallchin
l33t
l33t


Joined: 21 Jan 2003
Posts: 655
Location: United Kingdom

PostPosted: Sat May 21, 2005 1:32 pm    Post subject: Reply with quote

I am trying to connect with nautilus but it says:

Nautilus cannot display "dav://ganymede"
Please select another niewer and try again.

Hrm...

And this in the logs:

Code:

[Sat May 21 15:40:28 2005] [notice] child pid 4302 exit signal Segmentation fault (11)

_________________
6700 @ 2.66GHz, 4Gb RAM, 2 x 500Gb, 8800 GTX, PhysX, X-Fi, 24" Widescreen, Tux mascot
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Mon May 23, 2005 7:12 am    Post subject: Faq update, segfaults Reply with quote

@mallchin: In the beginning I had those segfaults too. The apache guys seems to have made internal changes that will cause segfaults, if you are working on a system that is not completely up-to-date or not properly rebuild after emerge of latest apache. (Read the warning notes after emerge of apache). This is basically why I wrote the "Housecleaning" section in the beginning of the FAQ - this was how I got it working.

@gtaluvit: I put a reference of your tricks into the howto, thanks.
Back to top
View user's profile Send private message
mallchin
l33t
l33t


Joined: 21 Jan 2003
Posts: 655
Location: United Kingdom

PostPosted: Mon May 23, 2005 11:14 am    Post subject: Reply with quote

Pergamon, yep, I saw the notice at the end of the latest build and hadn't rebuilt my apache modules, I will try that...
_________________
6700 @ 2.66GHz, 4Gb RAM, 2 x 500Gb, 8800 GTX, PhysX, X-Fi, 24" Widescreen, Tux mascot
Back to top
View user's profile Send private message
apberzerk
Apprentice
Apprentice


Joined: 11 Jan 2004
Posts: 278
Location: kansas...

PostPosted: Thu May 26, 2005 10:49 am    Post subject: Reply with quote

I just tried all this, but when I go to mywebsite/mydavserver I get a 403 Forbidden. I have no idea what I am doing, so all I did was follow the instructions exactly. Any idea what I did wrong?

- Phil
Back to top
View user's profile Send private message
timfreeman
Tux's lil' helper
Tux's lil' helper


Joined: 19 May 2003
Posts: 142
Location: Chicago

PostPosted: Fri May 27, 2005 5:52 am    Post subject: Reply with quote

That just happened to me, it was because I have directory listing off by default -- accessing a file in the dav directory worked.
_________________
|||
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Fri May 27, 2005 2:07 pm    Post subject: 403 forbidden Reply with quote

I'll try to list a few reasons for the 403 forbidden error.
    * First of all, a normal web browser will not list a web dav directory, instead you get this forbidden error. Make sure you are actually using a webdav client to access your server and not a web browser. See the testing chapter in the FAQ how build-in webdav clients are used for different client operating systems. Additionally a web browser can be used to access a single file, so entering the webdav-url + file-name should work too.
    * Make sure, your webdav repository has group and owner of the username of apache server (ususally 'apache')
    * Double check the account creation via htpasswd2
    * Check the apache configuration in 45_mod_dav.conf
    * Check the logs (/var/log/apache)
    * Verify that standard web functionality is working (e.g. using the small test html file created above.)
Back to top
View user's profile Send private message
apberzerk
Apprentice
Apprentice


Joined: 11 Jan 2004
Posts: 278
Location: kansas...

PostPosted: Fri May 27, 2005 8:58 pm    Post subject: Reply with quote

Ah ok, I see now. Yeah, I wasn't even sure how to USE it, I just wanted to set it up because I heard it can be used to display calendars/schedules. But I found a thing called phpicalendar that does what I want it to do, instead. Thanks.
Back to top
View user's profile Send private message
cerb
Tux's lil' helper
Tux's lil' helper


Joined: 28 Jun 2002
Posts: 89

PostPosted: Fri Jun 03, 2005 9:10 am    Post subject: Reply with quote

Hi,

Thanks for the good HOWTO. It seems to work basically - Apache starts without errors :P

But when I try to connect (MAC OS Tiger) I get errors that it couldn't find the server. This is not true. An ngrep on the server reveils the following:
Code:

T client:54850 -> server:80 [AP]
OPTIONS /cerbdav/ HTTP/1.1.
User-Agent: WebDAVFS/1.3 (01308000) Darwin/8.1.0 (Power Macintosh).
Accept: */*.
Content-Length: 0.
Connection: keep-alive.
Host: www.server.de.
.


T server:80 -> client:54850 [A]
HTTP/1.1 403 Forbidden.
Date: Fri, 03 Jun 2005 08:59:24 GMT.
Server: Apache/2.0.52 (Gentoo/Linux) mod_perl/1.99_11 Perl/v5.8.5 mod_ssl/2.0.52 OpenSSL/0.9.7d DAV/2 PHP/5.0.3.
Vary: accept-language,accept-charset.
Accept-Ranges: bytes.
Keep-Alive: timeout=15, max=100.
Connection: Keep-Alive.
Transfer-Encoding: chunked.
Content-Type: text/html; charset=iso-8859-1.
Content-Language: en.
.
1e.
<?xml version="1.0" encoding=".
a.
ISO-8859-1.
a5.
"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang=".
e.
en" xml:lang=".
13.
en">
<head>
<title>.
38.
Access forbidden!</title>
<link rev="made" href="mailto:.
131.
admin@server.de" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
    body { color: #000000; background-color: #FFFFFF; }
    a:link { color: #0000CC; }
    p, address {margin-left: 3em;}
    span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<img src=/server.de.Administration.jpg>
<br>
<h1>.
1b.
Access forbidden!</h1>
<p>
.
4.


  .
90.


    You don't have permission to access the requested directory.
    There is either no index document or the directory is read-protected.

  .
2.


.
9.
</p>
<p>
.
48.
If you think this is a server error, please contact
the <a href="mailto:.
1e.
admin@server.de">webmaster</a>.
.
11.

</p>

<h2>Error .
21.
403</h2>
<address>
  <a href="/">.
18.
www.server.de</a><br />
  .
9

T 62.141.42.76:80 -> 195.234.128.9:54850 [AP]
.

  <span>.
21.
Fri Jun  3 10:59:24 2005<br />
  .
8a.
Apache/2.0.52 (Gentoo/Linux) mod_perl/1.99_11 Perl/v5.8.5 mod_ssl/2.0.52 OpenSSL/0.9.7d DAV/2 PHP/5.0.3</span>
</address>
</body>
</html>
.
1.

.
0.
.

Permissions on the directory are OK:
Code:

drwxr-xr-x  3 apache apache 104 Jun  3 10:31 /var/dav
drwxr-xr-x  2 apache apache 48 Jun  3 10:47 /var/dav/cerbdav
drwxr-xr-x  2 apache apache 72 Feb  2 22:52 /var/lib/dav

The Apache-log states:
Code:

[Fri Jun 03 10:59:24 2005] [error] [client client] client denied by server configuration: /var/dav/cerbdav/

My config is the following:
Code:

<IfDefine DAV>
  <IfModule !mod_dav.c>
    LoadModule dav_module    modules/mod_dav.so
  </IfModule>
</IfDefine>

<IfDefine DAV_FS>
  <IfModule !mod_dav_fs.c>
    LoadModule dav_fs_module   modules/mod_dav_fs.so
  </IfModule>
</IfDefine>

<IfModule mod_dav.c>
    Alias /cerbdav /var/dav/cerbdav
    DavMinTimeout 600
        <Location /cerbdav>
                Options None
                Dav On
                <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
                        AuthType Basic
                        AuthName "cerbfs WedDAV Restricted Repository"
                        AuthUserFile /var/dav/.davpasswd
                        Require valid-user
                </Limit>
        </Location>

</IfModule>

<IfModule mod_dav_fs.c>

    # Location of the WebDAV lock database.
    DavLockDB /var/lib/dav/lockdb

</IfModule>


Any suggestions would be appreciated.

Brgds,
cerbfs
_________________
Linux is a wigwam - no Windows, no Gates, Apache inside :-)
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Sat Jun 04, 2005 9:38 am    Post subject: Tiger works for me Reply with quote

I tested this with Mac OS X Tiger 10.4.1 and didn't have any problems.

A few suggestions (but it is a bit digging in the dark, since your setup seems ok):
- If you set up a small web page on your apache, does that work?
- if that works, can you access a single file in your webdav browser not using a webdav client but a web browser (as discussed above?)
- Did you try other webdav clients? (e.g. kde, gnome or windows?)


Last edited by Pergamon on Sat Jun 04, 2005 3:50 pm; edited 1 time in total
Back to top
View user's profile Send private message
catalYst
Tux's lil' helper
Tux's lil' helper


Joined: 02 May 2002
Posts: 119
Location: Appleton, WI USA

PostPosted: Sat Jun 04, 2005 11:53 am    Post subject: Reply with quote

I'm having the same problem and I've combed through this Howto three times now very very carefully. I've tested it in Gnome (nautilus), evolution and Windows XP (ie), they all act as though my password is wrong or something. Irritating to say the least.
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Sat Jun 04, 2005 5:02 pm    Post subject: More details on testing... Reply with quote

this information is now included in the howto itself

Just to make sure we are trying the same thing, I'll try to provide more details for usage with different operating systems.

Note: if you followed the howto version before 1.02 and created more than one user account, only the last account created with "htpasswd -c" is available. The -c option used with htpasswd truncates the password file each time and deletes old users. See corrections above.

Testing a WebDAV repository from Windows

* Do not use internet explorer or any other web browser for this test.
* Double click the "Network" icon and select "Add network place". This starts the "Add network place wizzard". Select "Chose another network location" (we don't want MSN ;-) ) and enter http://www.mydomain.com/mydavserver or https://www.mydomain.com/mydavserver if you followed the SSL installation.
* This should bring up a login box with an info text we configured in 45_mod_dav.conf, "WebDAV Restricted Repository" in our example. Once you see this text, you verified, that WevDAV is active.
* Now enter the account created with htpasswd2 and you should see your WebDAV directory with Windows explorer. This should work with Windows 2000 and Windows XP (or 2003 Server).

Testing a WebDAV repository from Mac OS X Tiger

* Do not use any web browser for this test.
* Start Finder, select menu "GO" option "Connect to server".
* enter http://www.mydomain.com/mydavserver or https://www.mydomain.com/mydavserver if you followed the SSL installation.
* This should bring up a box "WebDAV file system authentication" with information about the URL and realm. The realm again should be exactly what was configured in 45_mod_dav.conf, "WebDAV Restricted Repository" in our example. Once you see this text, you verified, that WevDAV is active.
* Now enter the account created with htpasswd2 and you should see your WebDAV directory. I tested with Mac OS X 10.4.1.

Testing a WebDAV repository from Gnome

* Do not use web browser functionality for this test.
* Start nautilus, select menu "File", option "Connect to server". Select Service type "WebDAV (Http)" or "Secure WevDAV (HTTP)" if you used SSL.
* Enter www.mydomain.com/mydavserver. This shows a login box ttp://www.mydomain.com/WebDAV Restricted Repository. Note the text configured in 45_mod_dav.conf.
* Now enter the account created with htpasswd2 and you should see your WebDAV directory.

More trouble shooting

* Check apache logs in /var/log/apache
* cat /var/dav/.davpasswd and verify that all required user account are there.
* verify directory permissions
* verify 45_mod_dav.conf.
Back to top
View user's profile Send private message
CB2206
Tux's lil' helper
Tux's lil' helper


Joined: 27 May 2003
Posts: 127
Location: NRW

PostPosted: Mon Jun 20, 2005 9:36 am    Post subject: Reply with quote

Thanks a lot for the great howto, Pergamon. Its working great here.

One question still remains. Is it in any way possible to let mod_dav support symlinks?
_________________
CB
Back to top
View user's profile Send private message
bwoo
n00b
n00b


Joined: 20 Jun 2005
Posts: 41
Location: New York, NY

PostPosted: Mon Jun 20, 2005 1:41 pm    Post subject: Reply with quote

I'm still having problems after following the HOWTO at least 5 times!
I'm using WinXP.

Here is an extract from my access_log:

[20/Jun/2005:09:28:25 -0400] "PROPFIND /mydavserver HTTP/1.1" 403 319 "-" "Microsoft-WebDAV-MiniRedir/5.1.2600"

And from my error_log

[Mon Jun 20 09:33:43 2005] [error] [client AAA.BBB.CCC.DDD] client denied by server configuration: /var/dav/mydavserver

Every time I enter my username and password, it comes back with the same dialog box, except that my username is now "http://www.myserver.com/mydavserver\mydavuser"

Can anyone help?

Thanks in advnace
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Mon Jun 20, 2005 6:58 pm    Post subject: symlinks and permissions Reply with quote

@CB2206: Symlinks. I never tried this myself with webdav, but I read a post about someone who has used symlinks within a standard web site successfully. This did work as long as the symlinks target was owned by the user context running apache2. (apache in standard installations). So make sure the files in questions are chown apache:apache.

@bwoo: Did you try just to put a standard HTML page on apaches web space (as suggested in the howto) and to access this with a standard browser? Did you check if apache is really running with user name "apache"?
Once standard web stuff does work, you could try to remove the "GET" restriction in the limit statement of 45_mod_dav.conf. (See howto) After this you should be able to get files with a standard web browser without authentication. Directory browsing will not work, so you have to point to a single file with the browsers URL. This should allow to narrow down this issue.
Back to top
View user's profile Send private message
bwoo
n00b
n00b


Joined: 20 Jun 2005
Posts: 41
Location: New York, NY

PostPosted: Mon Jun 20, 2005 7:12 pm    Post subject: Reply with quote

Pergamon,

I do have the index.html file you mentioned and I also tried removing the GET directive.

Here is what I got:
the index.html shows properly
after removing the GET directive, I tried to log in, and it still asks for the password!

Also, despite the fac that in the AuthName section, I have "WebDAV Restricted Repository", it just says "Connecting to www.myserver.com"

I've been reading elsewhere that XP tends to have a problem logging on..

any other ideas?

b
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Tue Jun 21, 2005 10:36 am    Post subject: Reply with quote

If XP isn't giving the comment you configured in AuthName, then XP isn't talking WebDAV to the apache at all.

Are you sure, that the apache web dav modules are loaded?

Did apache2 start correctly? I sometimes had problems after restarting apache2: it wouldn't always cleanly restart. I noticed when only one instance of apache2 was visible on "ps -A", there would be problems. Removing this process and restarting sometimes helped. While apache2 was ok, several processes apache2 where shown.

Is there a way to test your installation with a different Web Dav client (e.g. linux KDE or Gnome or MAC OS X)?
Back to top
View user's profile Send private message
bwoo
n00b
n00b


Joined: 20 Jun 2005
Posts: 41
Location: New York, NY

PostPosted: Tue Jun 21, 2005 12:19 pm    Post subject: Reply with quote

Pergamon,

I'm pretty sure that the webdav modules are loaded. apache2 seems to have started properly. in my error_log, is the following entry when I start Apache. I noticed DAV in there so, I'm guessing that it started properly.

[Tue Jun 21 08:14:04 2005] [notice] Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 configured -- resuming normal operations

In some of the other forums I have read that XP has a problem because it doesn't implement the right director or something like that. Unfortunately, I don't have another web dav client. I see 9 total apache2 entries when I do a "ps -A".

b
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Tue Jun 21, 2005 5:18 pm    Post subject: XP as web dav client Reply with quote

I rechecked this with three different XP boxes (they are all Windows XP with SP2 installed). No problem at all.

What versions of apache / Windows XP are you using?

Could you post your 45_mod_dav.conf?
Back to top
View user's profile Send private message
bwoo
n00b
n00b


Joined: 20 Jun 2005
Posts: 41
Location: New York, NY

PostPosted: Tue Jun 21, 2005 6:24 pm    Post subject: Reply with quote

45_mod_dav.conf below:

Quote:
<IfDefine DAV>
<IfModule !mod_dav.c>
LoadModule dav_module modules/mod_dav.so
</IfModule>
</IfDefine>

<IfDefine DAV_FS>
<IfModule !mod_dav_fs.c>
LoadModule dav_fs_module modules/mod_dav_fs.so
</IfModule>
</IfDefine>

#<IfModule mod_dav.c>

# DavMinTimeout 600
# <Location /mypages>
# Options None
# Dav On
# <Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
# Require user greg
# </Limit>
# </Location>

#</IfModule>


<IfModule mod_dav.c>

Alias /mydavserver /var/dav/mydavserver
DavMinTimeout 600
<Location /mydavserver>
Options None
Dav On
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
AuthType Basic
AuthName "WebDAV Restricted Repository"
AuthUserFile /var/dav/.davpasswd
Require valid-user
</Limit>
</Location>

</IfModule>

<IfModule mod_dav_fs.c>

# Location of the WebDAV lock database.
DavLockDB /var/lib/dav/lockdb

</IfModule>



I'm using apache 2.0.54 and windows xp pro sp2
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Tue Jun 21, 2005 7:52 pm    Post subject: Possible causes - inherited permissions? Reply with quote

Included this within the troube shooting section of the how-to

I found this:

Quote:
And apparently through inherited permissions in the apache config, this was not allowing writes. Adding:

AllowOverride None
Order allow,deny
Allow from all

to that Location directive fixed it.


in http://www.linuxquestions.org/questions/archive/2/2003/10/4/109615


otherwise, as you already mentioned, there are bizare reports about XP not playing well:

like: http://mailman.lyra.org/pipermail/dav-dev/2005-January/005808.html


Last edited by Pergamon on Wed Aug 03, 2005 8:16 am; edited 1 time in total
Back to top
View user's profile Send private message
bwoo
n00b
n00b


Joined: 20 Jun 2005
Posts: 41
Location: New York, NY

PostPosted: Tue Jun 21, 2005 8:00 pm    Post subject: Reply with quote

I tried the suggested entries above the <Limit> lines, but still the same.. incorrect AuthName being presented!

b
Back to top
View user's profile Send private message
Pergamon
Tux's lil' helper
Tux's lil' helper


Joined: 01 Feb 2004
Posts: 117

PostPosted: Thu Jun 23, 2005 10:46 am    Post subject: details needed Reply with quote

Maybe it is necessary to look into the protocol exchange on the wire.

If you are not using SSL, you can use

Code:
ngrep port 80

on the webdav server to log the interaction between client and server. Check that for a standard web browser access and compare with web dav access.

Unfortunately my server runs SSL (everything ngrep shows is encoded then), and I cannot change this for some time.

Maybe someone else can post a working access log of XP client to web dav server?
Back to top
View user's profile Send private message
bwoo
n00b
n00b


Joined: 20 Jun 2005
Posts: 41
Location: New York, NY

PostPosted: Thu Jun 23, 2005 9:36 pm    Post subject: Reply with quote

OK, I have no idea what I'm looking at, but here is the result of ngrep port 80:

Quote:
####
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
PROPFIND /mydavserver HTTP/1.1..Depth: 0..translate: f..User-Agent: Microso
ft-WebDAV-MiniRedir/5.1.2600..Host: www.opusnovum.com..Content-Length: 0..C
onnection: Keep-Alive..Pragma: no-cache....
##
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 401 Authorization Required..Date: Thu, 23 Jun 2005 21:34:35 GMT..S
erver: Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP
/4.3.11..WWW-Authenticate: Basic realm="WebDAV Restricted Repository"..Cont
ent-Length: 537..Keep-Alive: timeout=15, max=100..Connection: Keep-Alive..C
ontent-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML PUBLIC "-//IET
F//DTD HTML 2.0//EN">.<html><head>.<title>401 Authorization Required</title
>.</head><body>.<h1>Authorization Required</h1>.<p>This server could not ve
rify that you.are authorized to access the document.requested. Either you
supplied the wrong.credentials (e.g., bad password), or your.browser doesn'
t understand how to supply.the credentials required.</p>.<hr>.<address>Apac
he/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 Ser
ver at sam.opusnovum.com Port 80</address>.</body></html>.
##
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
PROPFIND /mydavserver HTTP/1.1..Depth: 0..translate: f..User-Agent: Microso
ft-WebDAV-MiniRedir/5.1.2600..Host: www.opusnovum.com..Content-Length: 0..C
onnection: Keep-Alive..Pragma: no-cache....
#
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 401 Authorization Required..Date: Thu, 23 Jun 2005 21:34:35 GMT..S
erver: Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP
/4.3.11..WWW-Authenticate: Basic realm="WebDAV Restricted Repository"..Cont
ent-Length: 537..Keep-Alive: timeout=15, max=99..Connection: Keep-Alive..Co
ntent-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML PUBLIC "-//IETF
//DTD HTML 2.0//EN">.<html><head>.<title>401 Authorization Required</title>
.</head><body>.<h1>Authorization Required</h1>.<p>This server could not ver
ify that you.are authorized to access the document.requested. Either you s
upplied the wrong.credentials (e.g., bad password), or your.browser doesn't
understand how to supply.the credentials required.</p>.<hr>.<address>Apach
e/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 Serv
er at sam.opusnovum.com Port 80</address>.</body></html>.
#
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
OPTIONS / HTTP/1.1..translate: f..User-Agent: Microsoft-WebDAV-MiniRedir/5.
1.2600..Host: www.opusnovum.com..Content-Length: 0..Connection: Keep-Alive.
...
##
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 200 OK..Date: Thu, 23 Jun 2005 21:34:35 GMT..Server: Apache/2.0.54
(Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11..Content-Loc
ation: index.html.en..Vary: negotiate,accept-language,accept-charset..TCN:
choice..Allow: GET,HEAD,POST,OPTIONS,TRACE..Content-Length: 0..Keep-Alive:
timeout=15, max=98..Connection: Keep-Alive..Content-Type: text/html; charse
t=ISO-8859-1..Content-Language: en....
#
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
PROPFIND /mydavserver HTTP/1.1..Depth: 0..translate: f..User-Agent: Microso
ft-WebDAV-MiniRedir/5.1.2600..Host: www.opusnovum.com..Content-Length: 0..C
onnection: Keep-Alive....
##
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 401 Authorization Required..Date: Thu, 23 Jun 2005 21:34:35 GMT..S
erver: Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP
/4.3.11..WWW-Authenticate: Basic realm="WebDAV Restricted Repository"..Cont
ent-Length: 537..Keep-Alive: timeout=15, max=97..Connection: Keep-Alive..Co
ntent-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML PUBLIC "-//IETF
//DTD HTML 2.0//EN">.<html><head>.<title>401 Authorization Required</title>
.</head><body>.<h1>Authorization Required</h1>.<p>This server could not ver
ify that you.are authorized to access the document.requested. Either you s
upplied the wrong.credentials (e.g., bad password), or your.browser doesn't
understand how to supply.the credentials required.</p>.<hr>.<address>Apach
e/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 Serv
er at sam.opusnovum.com Port 80</address>.</body></html>.
#
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
PROPFIND /mydavserver HTTP/1.1..Depth: 0..translate: f..User-Agent: Microso
ft-WebDAV-MiniRedir/5.1.2600..Host: www.opusnovum.com..Content-Length: 0..C
onnection: Keep-Alive..Authorization: Basic Og==....
#
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 401 Authorization Required..Date: Thu, 23 Jun 2005 21:34:35 GMT..S
erver: Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP
/4.3.11..WWW-Authenticate: Basic realm="WebDAV Restricted Repository"..Cont
ent-Length: 537..Keep-Alive: timeout=15, max=96..Connection: Keep-Alive..Co
ntent-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML PUBLIC "-//IETF
//DTD HTML 2.0//EN">.<html><head>.<title>401 Authorization Required</title>
.</head><body>.<h1>Authorization Required</h1>.<p>This server could not ver
ify that you.are authorized to access the document.requested. Either you s
upplied the wrong.credentials (e.g., bad password), or your.browser doesn't
understand how to supply.the credentials required.</p>.<hr>.<address>Apach
e/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 Serv
er at sam.opusnovum.com Port 80</address>.</body></html>.
##
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
PROPFIND /mydavserver HTTP/1.1..Depth: 0..translate: f..User-Agent: Microso
ft-WebDAV-MiniRedir/5.1.2600..Host: www.opusnovum.com..Content-Length: 0..C
onnection: Keep-Alive....
#
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 401 Authorization Required..Date: Thu, 23 Jun 2005 21:34:38 GMT..S
erver: Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP
/4.3.11..WWW-Authenticate: Basic realm="WebDAV Restricted Repository"..Cont
ent-Length: 537..Keep-Alive: timeout=15, max=95..Connection: Keep-Alive..Co
ntent-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML PUBLIC "-//IETF
//DTD HTML 2.0//EN">.<html><head>.<title>401 Authorization Required</title>
.</head><body>.<h1>Authorization Required</h1>.<p>This server could not ver
ify that you.are authorized to access the document.requested. Either you s
upplied the wrong.credentials (e.g., bad password), or your.browser doesn't
understand how to supply.the credentials required.</p>.<hr>.<address>Apach
e/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 Serv
er at sam.opusnovum.com Port 80</address>.</body></html>.
##
T 65.115.32.226:40754 -> 192.168.0.12:80 [AP]
PROPFIND /mydavserver HTTP/1.1..Depth: 0..translate: f..User-Agent: Microso
ft-WebDAV-MiniRedir/5.1.2600..Host: www.opusnovum.com..Content-Length: 0..C
onnection: Keep-Alive..Authorization: Basic d3d3Lm9wdXNub3Z1bS5jb21cYndvbzp
5YXkkaDAxRQ==....
#
T 192.168.0.12:80 -> 65.115.32.226:40754 [AP]
HTTP/1.1 401 Authorization Required..Date: Thu, 23 Jun 2005 21:34:38 GMT..S
erver: Apache/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP
/4.3.11..WWW-Authenticate: Basic realm="WebDAV Restricted Repository"..Cont
ent-Length: 537..Keep-Alive: timeout=15, max=94..Connection: Keep-Alive..Co
ntent-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML PUBLIC "-//IETF
//DTD HTML 2.0//EN">.<html><head>.<title>401 Authorization Required</title>
.</head><body>.<h1>Authorization Required</h1>.<p>This server could not ver
ify that you.are authorized to access the document.requested. Either you s
upplied the wrong.credentials (e.g., bad password), or your.browser doesn't
understand how to supply.the credentials required.</p>.<hr>.<address>Apach
e/2.0.54 (Gentoo/Linux) mod_ssl/2.0.54 OpenSSL/0.9.7e DAV/2 PHP/4.3.11 Serv
er at sam.opusnovum.com Port 80</address>.</body></html>.
#
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum