Mark, thank for the clues. I guess I will need to tinker with OS-level file
permissions to solve this. I was hoping for a pure-Apache solution, and am a
bit disappointed with the granularity of control over COPY operations. But I
can work around the issue using file level permissions.
Thanks for the clue.
Mark Lavi <[EMAIL PROTECTED]> wrote: v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape
{behavior:url(#default#VML);} st1\:*{behavior:url(#default#ieooui) }
Ah, youve changed the scope of your question. J
So long as you leverage an Apache authorization module with user and group
permissions, I would think you could control permissions on who can do what per
directory easily, but for this solution, you would not give both groups WebDAV
access.
One group (read only) could browse the web server and download contents of
the autogenerated directory while the other group would be authenticated to
have WebDAV privileges. Its simpler to manage and granular to the directory,
but not exactly what you are asking for because not both groups are given
WebDAV permissions. So the read only group could not do a select all files to
download, much like a network drive operation, unless they used some sort of
browser enhancement.
Configuration would be something like (Im doing this off the top of my head
for illustration, please dont expect to cut and paste this without syntax
correction and adaptation for your situation):
<Directory "/www/docroot/projects/X">
Options Indexes
AllowOverride None
AuthType Basic
AuthName "Only group X can publish!"
AuthUserFile /home/www/acl/htpasswdfile
AuthGroupFile /home/www/acl/groupfile
DAV On
<LimitExcept GET HEAD OPTIONS>
Require group X
</LimitExcept>
</Directory>
--Mark
Mark Lavi, Enterprise Web Management Team @ SGI
mailto:[EMAIL PROTECTED] || phone:+1-650-933-7707
---------------------------------
From: Todd Hivnor [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 28, 2006 11:15 AM
To: [email protected]
Subject: RE: [EMAIL PROTECTED] Limiting COPY method for WebDAV to one direction
Updating the permissions on the file system will work for folders which are
strictly read-only. But in a lot of cases, I want the folder to be readable by
group X and writable by group Y.
Mark Lavi <[EMAIL PROTECTED]> wrote:
I dont know of an Apache/WebDAV solution off the top of my head for your
requirement, but it is probably easiest to address this from the filesystem:
change the permissions on the directory to be read only.
--Mark
Mark Lavi, Enterprise Web Management Team @
SGI
mailto:[EMAIL PROTECTED] || phone:+1-650-933-7707
---------------------------------
From: Todd Hivnor [mailto:[EMAIL PROTECTED]
Sent: Monday, November 27, 2006 3:44 PM
To: [email protected]
Subject: [EMAIL PROTECTED] Limiting COPY method for WebDAV to one direction
I am running WebDAV on my Apache 2.0.51 server on Fedora Core 2.
I would like to allow users to copy files _from_ a certain directory,
but not _into_ it. However, if I allow the COPY method (via a the
LimitExcept tag) then I am allowing copy _from_ and copy _to_. There doesn't
seem to be able to any means to control the direction of the copy
method.
Is there are way to
configure this? It seems like a fairly basic
requirement: a read-only WebDAV folder which allows users to copy files into
their personal directories, with a direct HTTP COPY call.
- Todd
---------------------------------
Everyone is raving about the all-new Yahoo! Mail beta.
---------------------------------
Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and get
things done faster.
