WebDAV is a very useful tool for sharing files. If you want to have both anonymous access and authenticated access, you require some specific configuration:
<VirtualHost *>
# ... standard configuration ...
# ServerName, DocumentRoot, etc
# Root DAV which requires authentication to access:
<Location "/MyFiles/">
DAV on
AuthType Digest
AuthName "Digest Realm"
AuthUserFile /etc/apache2/users/myfiles.htdigest
Require user me
<LimitExcept GET HEAD OPTIONS REPORT PROPFIND>
Require user me
</LimitExcept>
</Location>
# Specific folder which can be accessed anonymously (read-only)
<Location "/MyFiles/Public/">
<Limit GET HEAD OPTIONS REPORT PROPFIND>
Allow from all
Satisfy any
</Limit>
</Location>
# Specific folder which can be accessed anonymously (read/write)
<Location "/MyFiles/DropBox/">
Allow from all
Satisfy any
</Location>
</VirtualHost>The key here is understanding how Limit and LimitExcept can be used. Limit means that for the given set of requests, process the block. LimitExcept means that for any other type of request other than those given, process the block. The thing to identify is that Satisfy any can then be used within a Limit or LimitExcept block to control anonymous access. This can be used, along with typical Allow from all access controls to provide fine grained access to DAV repositories.
See also
- Apache Core Documentation (
Satisfy any,Limit,LimitExcept,Require) - mod_access Documentation (
Allow from any) - mod_dav Documentation (
DAV)
Comments
Leave a comment
Please note, comments must be formatted using Markdown. Links can be enclosed in angle brackets, e.g.
<www.codeotaku.com>.