Now for the easy part. In this section we will WebDAV enable a directory under Apache root.
Please verify that the following Apache directive appears in the /usr/local/apache/conf/httpd.conf :
Addmodule mod_dav.c |
If it does not please add it. This directive informs Apache about DAV capability. The directive must be placed outside any container.
Next we must specify where Apache should store the DAVLockDB file. DAVLockDB is a lock database for the WebDAV. This directory should be writable by the httpd process.
I store the DAVLock file under /usr/local/apache/var. I use this directory for other purposes as well. Please add the following line to your /usr/local/apache/conf/httpd.conf to specify that the DAVLockDB file will be under /usr/local/apache/var :
DAVLockDB /usr/local/apache/var/DAVLock |
The directive must be placed outside any container.
As mentioned above a directory must be created for DAVLockDB that can be written by the web server process. Usually web server process runs under the user 'nobody' . Please verify this for your system using the command:
ps -ef | grep httpd |
# cd /usr/local/apache # mkdir var # chmod -R 755 var/ # chown -R nobody var/ # chgrp -R nobody var/ |
Enabling DAV is a trivial task. To enable DAV for a directory under Apache root, just add the following directive in the container for that particular directory:
DAV On |
This directive will enable DAV for the directory and its sub-directories.
The following is a sample configuration that will enable WebDAV and LDAP authentication on /usr/local/apache/htdocs/DAVtest. Place this in the /usr/local/apache/conf/httpd.conf file.
DavLockDB /tmp/DavLock <Directory "/usr/local/apache2/htdocs/DAVtest"> Options Indexes FollowSymLinks AllowOverride None order allow,deny allow from all AuthName "SMA Development server" AuthType Basic LDAP_Debug On #LDAP_Protocol_Version 3 #LDAP_Deref NEVER #LDAP_StartTLS On LDAP_Server you.ldap.server.com #LDAP_Port 389 # If SSL is on, must specify the LDAP SSL port, usually 636 LDAP_Port 636 LDAP_CertDbDir /usr/local/apache2/sslcert Base_DN "o=SDS" UID_Attr uid DAV On #require valid-user require valid-user #require roomnumber "123 Center Building" #require filter "(&(telephonenumber=1234)(roomnumber=123))" #require group cn=rcs,ou=Groups </Directory> |
As mentioned in a earlier section, all DAV directories have to be writable by the WebServer process. In this example we assume WebServer is running under username 'nobody'. This is usually the case. To check httpd is running under what user, please use:
# ps -ef | grep httpd |
Create a test directory called 'DAVtest' under /usr/local/apache2/htdocs :
# mkdir /usr/local/apache/htdocs/DAVtest
Change the permissions on the directory to make it is read-writable by the httpd process. Assuming the httpd is running under username 'nobody', use the following commands:
# cd /usr/local/apache/htdocs # chmod -R 755 DAVtest/ # chown -R nobody DAVtest/ # chgrp -R nobody DAVtest/ |
Finally you must run the configuration test routine that comes with Apache to verify the syntax in httpd.conf :
# /usr/local/apache/bin/apachectl configtest |
If you get error messages please verify that you followed all of the above mentioned steps correctly. If you can not figure out the error message feel free to email me with the error message (saqib@seagate.com).
If the configtest is successful start the apache web-server:
# /usr/local/apache/bin/apachectl restart
Now you have WebDAV enabled Apache Server with LDAP authentication and SSL encryption.
It is very important that the WebDAV that we just implemented be fully complaint with the WebDAV-2 protocol. If it is not fully compatible, the client side WebDAV applications will not function properly.
To test the complaince we will use a tool called Litmus. Litmus is a WebDAV server protocol compliance test suite, which aims to test whether a server is compliant with the WebDAV protocol as specified in RFC2518.
Please download the Litmus source code from http://www.webdav.org/neon/litmus/ and place it in the /tmp/downloads directory.
Then use gzip and tar to extract the files:
# cd /tmp/downloads # gzip -d litmus-0.6.x.tar.gz # tar -xvf litmus-0.6.x.tar # cd litmus-0.6.x |
Compiling and installing Litmus is easy:
# ./configure # make # make install |
make install will install the Litmus binary files under /usr/local/bin and the help files under /usr/local/man
To the test the complaince of the WebDAV server that you just installed, please use the following command
# /usr/local/bin/litmus http://you.dav.server/DAVtest userid passwd |