cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists

Configuring WebDAVContrib with Apache2 and mod_perl

If your site is already running on Apache with mod_perl, then the simplest way to configure WebDAV is to use the same Apache server. If you are using mod_fcgid, see ConfiguringWebDAVContribWithFCGI.

Configuration Wizard

Configuring ConfiguringWebDAVContribWithApache for use with Foswiki and Apache mod_perl.

Step 1: basic settings

Foswiki server host:

Enter the server host name.

URL path:

Enter the required URL path to the DAV resources.

Installation directory:

Enter the directory path to your Foswiki installation on the server.
Clicking on Submit will rewrite the installation instructions below.

Step 2: mod_perl configuration

Create the file /var/www/wiki/tools/WebDAVContrib_mod_perl_startup.pl with the following content:

use ModPerl::RegistryLoader;
use lib '/var/www/wiki/bin';
do 'setlib.cfg';
1;

This tells WebDAVContrib where you want to run Foswiki from.

Step 3: Apache configuration

Add the following to your Apache configuration (must be included into the base configuration; will not work in .htaccess)

This exposes the /dav path on your server. You can change this location to whatever you want, but make sure the FoswikiLocation matches it.

PerlRequire "/var/www/wiki/tools/WebDAVContrib_mod_perl_startup.pl"
PerlLoadModule Apache::FoswikiDAVHandler
<Location "/dav">
    SetHandler perl-script
    FoswikiLocation "/dav"
    FoswikiFilesysHandler Filesys::Virtual::Foswiki
    PerlHandler Apache::FoswikiDAVHandler
</Location>

This will configure DAV without authentication, so all transactions will use the "guest" login. See "Configuring authentication" below for information on configuring web server authentication.

Restart your apache server.

The path http://foswiki.org/dav should now show you all your root webs, when viewed from a DAV-enabled client.

Step 4: Testing

The best way to verify your server is working is to use a simple, reliable WebDAV client program such as cadaver (available for most platforms - you can get a Windows version from http://www.phtagr.org/2009/04/01/cadaver-for-windows/ **).

Run cadaver and open the DAV folder on the server:
dav:!> open http://foswiki.org/dav
dav:/dav/> ls
Listing collection `/dav/': succeeded.
Coll:   Main                                4096  Mar 25 12:42
Coll:   Sandbox                             4096  Apr  6 08:19
Coll:   System                             20480  Apr  7 10:32
...
dav:/dav/> cd Sandbox
dav:/dav/> put packages.txt LoremIpsum.txt
Progress: [===================>] 100.0% of 320 bytes succeeded
dav:/dav/> cat LoremIpsum.txt
Displaying `/dav/Sandbox/LoremIpsum.txt':
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do
eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut
enim ad minim veniam, quis nostrud exercitation ullamco laboris
nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor
in reprehenderit in voluptate velit esse cillum dolore eu fugiat
nulla pariatur. Excepteur sint occaecat cupidatat non proident,
sunt in culpa qui officia deserunt mollit anim id est laborum....
dav:/dav/> cd LoremIpsum_files
dav:/dav/> put muspimerol.gif
Progress: [===================>] 100.0% of 2800 bytes succeeded
dav:/dav/> ls
Listing collection `//dav/Sandbox/LoremIpsum_files/': succeeded.
        muspimerol.gif                  2800  Apr 12 14:38

If cadaver reports any errors, check your apache error log on the server.

You can verify that the LoremIpsum topic has been created by going to http://foswiki.org/Sandbox/LoremIpsum.

user="BaseUserMapping_666" shows that the creation of the LoremIpsum topic and the subsequent uploading of the muspimerol.gif attachment was done using the WikiGuest user. If you try to do the same in the System directory, you will get a failure response:
dav:!> open http://foswiki.org/dav
dav:/dav/> cd Sandbox
dav:/dav/> put packages.txt LoremIpsum.txt
Uploading packages.txt to `/dav/System/LoremIpsum.txt':
Progress: [=============================>] 100.0% of 320 bytes failed:
401 Authorization Required

(At this point attempting to access the WebFolder using Windows XP service pack 2 allows you to browse the folders, but opening any files will fail)

Step 5: Configuring authentication

If you configured your server as described above, it will be configured without authentication. That means that all transactions will happen as the "guest" user. In most cases you will want to require a login by the client, so that the user can be identified.

To configure authentication you simply protect the folder using an Apache authentication method of choice. WebDAVContrib will automatically log in to Foswiki using the username (or Wiki Name) that was used to log in to Apache.

For example, you could use Basic Authentication to protect the DAV folder,using the password file used by the default Foswiki setup:
PerlRequire "/var/www/wiki/tools/WebDAVContrib_mod_perl_startup.pl"
PerlLoadModule Apache::FoswikiDAVHandler
<Location "/dav">
    SetHandler perl-script
    FoswikiLocation "/dav"
    FoswikiFilesysHandler Filesys::Virtual::Foswiki
    FoswikiDebug 0
    PerlHandler Apache::FoswikiDAVHandler
    AuthName "Foswiki"
    AuthUserFile /var/www/wiki/data/.htpasswd
    AuthType Basic
    <LimitExcept OPTIONS>
        require valid-user
    </LimitExcept>
</Location>

Here, OPTIONS requests are excluded because of a bug in Windows, which doesn't send auth headers with OPTIONS requests. This should not be a security risk, as OPTIONS only tells the client what the server's capabilities are.

Restart the web server after any change to the Apache configuration.

C:\Documents and Settings\Administrator\Desktop\cadaver>cadaver.bat
dav:!> open http://foswiki.org/dav
Authentication required for Foswiki on server `foswiki.org':
Username: BillGates
Password:
dav:/dav/> ls
Listing collection `//dav/': succeeded.
Coll:   Main                                4096  Feb 24 07:14
Coll:   Sandbox                             4096  Apr 10 00:51
Coll:   System                             24576  Apr  9 09:01
...

Note that Basic Authentication is much more secure if used over SSL (with https: URLs).

Debugging

If you are having problems with WebDAV you can enable tracing in the Apache handler and the file system interface using the FoswikiDebug Apache directive. See WebDAVContrib#Debugging for more information.
Topic revision: r3 - 17 Jun 2015, FlorianSchlichting - This page was cached on 24 Sep 2018 - 15:57.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy