WebDAV with system authentication
I wanted to create a WebDAV directory to put some of my data in it and see what I can do with. One thing is that I want to protect the WebDAV directory with system user passwords.
Installation, as usual on a Debian system:
$ sudo apt-get install apache2 pwauth
$ sudo a2enmod dav_fs
$ sudo a2enmod authnz_external
Create the directories that will be accesible through WebDAV (one for user1
and one for user2
) and give permissions to Apache's www-data
user:
$ sudo mkdir /home/user1/webdav
$ sudo chown -R :www-data /home/user1/webdav
$ sudo chmod -R g+w /home/user1/webdav
$ sudo mkdir /home/user2/webdav
$ sudo chown -R :www-data /home/user2/webdav
$ sudo chmod -R g+w /home/user2/webdav
Create an Apache site /etc/apache2/sites-available/webdav
:
<VirtualHost *:80>
ServerName webdav.example.com
ServerAdmin webmaster@example.com
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
LogLevel warn
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
DocumentRoot /var/www
Alias /user1 /home/user1/webdav
<Directory /home/user1/webdav>
DAV On
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
AuthName "Restricted area"
Require valid-user
</Directory>
<Location /user1/>
Require user user1
</Location>
Alias /user2 /home/user2/webdav
<Directory /home/user2/webdav>
DAV On
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
AuthName "Restricted area"
Require valid-user
</Directory>
<Location /user2/>
Require user user2
</Location>
</VirtualHost>
Activate the site and restart Apache:
$ sudo a2ensite webdav
$ sudo service apache2 restart
Juste need to connect with your favorite WebDAV client… and that's where I didn't find anything suitable for me:
- open source
- mounts any given directory in my computer's file system
- caches data
- synchronizes when possible
- allows to limit the size (ie: configure a directory to limit it's size to 10GB on my computer even if the directory on the server is bigger (find out automatically which files to keep in cache on my computer))
- works on Mac OS
Comments Add one by sending me an email.
Petite remarque sur le "basic authentication" : le mot de passe sera transmis encodé en base64. Donc en clair. À utiliser avec un cryptage (TLS, VPN, autres) ou préférer le Digest Authentication.