(c) 2002 Tero Karvinen - All Rights Reserved

Webdav passwords, Basic authentication
# luit nano -w /etc/httpd/conf/httpd.conf
 <Directory /home/files/public_html/>
         Dav On
         AuthType Basic
         AuthName DAV
         AuthUserFile /home/files/.htpasswd
         require valid-user
 </Directory>
# /etc/init.d/httpd restart
files$ htpasswd -c /home/files/.htpasswd tee
New password: TestiSaleSana3
tee$ cadaver http://localhost/~files
 Authentication required for DAV on server `localhost':
 Username:
=> Basic authentication works.
http://httpd.apache.org/docs-2.0/mod/mod_dav.html
http://httpd.apache.org/docs-2.0/howto/auth.html#lettingmorethanonepersonin

WebDav passwords, Digest authentication
- All webdav clients must support Digest authentication (rfc)
- Server must not allow Basic authentication without SSL (rfc)
# luit nano /etc/httpd/conf/httpd.conf
 <Directory /home/files/public_html/>
         Dav On
         AuthType Digest
         AuthName dav
         AuthDigestDomain /home/files/public_html/
         AuthdigestFile /home/files/.digest_passwd
         require valid-user
 </Directory>
# /etc/init.d/httpd restart
files$ htdigest -c .digest_passwd dav tee   # -c to create new file
 Adding password for tee in realm dav.
 New password: saL-ais..s
 Re-type new password:
tee$ mozilla    # http://localhost/~files
Digest Authentication notes:
- testing with ethereal, Digest authentication works. Password is
encrypted and cannot be seen, username is sent clear:
 Authorization: Digest username="tee", realm="dav",
 nonce="GR/i4p62AwA=0f3a58fa1452e3ade398176d40f01434c4eae3ed",
 uri="/~files/", response="fe39d8e3dfd9d0278a0904885910ac73",
 algorithm="MD5"
- Linking bypasses both Basic and Digest authentication
        - Avoid: ln -s /home/wasSecure /var/www/html/unsecure # dangerous
        - Now accessing localhost/unsecure does not ask for password


Mozilla WebDav
$ mozilla &
http://localhost/~files
click test.txt
File: Edit Page
(Mozilla Composer opens)
Type some text"This is a test file"
Publish
Enter user name and password when prompted
File is modified in server, then Mozilla says "Publishing completed"
(Back in Mozilla browser)
Reload the page, and you can see your changes
(if the page was originally plain text, it still is)

apache ssl 128 bit only
# luit nano /etc/httpd/conf/httpd.conf
 SSLProtocol all
 SSLCipherSuite HIGH:MEDIUM
http://httpd.apache.org/docs-2.0/ssl/ssl_howto.html

apt-get install mod_dav cadaver
mkdir /var/www/html/upload
pico /etc/httpd/conf/httpd.conf
        DAVLockDB /tmp/ApacheDavLock
        <Location /upload>
                Dav On
        </Location>

$ cadaver localhost/upload
Looking up hostname... Connecting to server... connected.
Connecting to server... connected.
dav:/upload/> put somedoc.txt
Uploading kvakone.txt to `/upload/kvakone.txt': (reconnecting...done)
Progress: [=============================>] 100.0% of 732 bytes succeeded.
dav:/upload/> exit
Connection to `localhost' closed.

Make hole in firewall (https 443)

Win98
Add web folder (remember to type full path or get weird error)
https://mymachine.org/files
Files can not be used directly, they must be copied to local filesystem for
use. Office2000 supports WebDav upload/download.

$ cadaver http://localhost/~tee/dav/
dav:/~tee/dav/> ls
Listing collection `/~tee/dav/': collection is empty.
dav:/~tee/dav/> Terminated by signal 2.
Connection to `localhost' closed.
$ cadaver http://localhost/~tee/
Could not access /~tee/ (not WebDAV-enabled?):
405 Method Not Allowed
Connection to `localhost' closed.
dav:!> quit
=> WebDAV is enabled in ~tee/dav/, but not in ~tee/
Dav works with cadaver when chmod a+rwx dav dir and limit put allow for all
$ cadaver http://localhost/~tee/dav
dav:/~tee/dav/> put dav.txt
Uploading dav.txt to `/~tee/dav/dav.txt':
Progress: [=============================>] 100.0% of 257 bytes succeeded.
dav:/~tee/dav/>
-
WebDAV with Mozilla
mozilla http://localhost/~tee/dav/asdf
mozilla -edit
publish
- Settings
   - Publishing addr & http addr: http://localhost/~tee/dav/
   - Filename: asdf
Click Publish
It works!

WebDav
- Apache 2.0 contains mod_dav, mod_auth_digest and mod_auth_ldap
http://httpd.apache.org/docs-2.0/mod/mod_dav.html
# adduser files
# luit nano /etc/httpd.conf
 <Directory /home/files/public_html/>
        Dav On
 </Directory>
# /etc/init.d/httpd restart
(In RedHat 8.0, modules mod_dav and mod_davfs are loaded and DavLockDB
set out-of-the-box. )
as user "files":
$ mkdir public_html
$ chmod a+x ~ ~/public_html     (the default permissions for web)
$ chmod a+w ~/public_html       (user apache needs write for upload)
as any other user:
$ echo "Testing" > test.txt
$ cadaver https://localhost/~files/
 > put test.txt
  Uploading somefile.txt to `/~files/test.txt':
  Progress: [=============================>] 100.0% of 192 bytes succeeded.
 > quit
=> Webdav works in linux-linux, without authentication