WebDAV and Apache
description
Transcript of WebDAV and Apache
![Page 1: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/1.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
1
WebDAV and Apache
Greg [email protected]
http://www.lyra.org/
![Page 2: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/2.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
2
Agenda
• Overview • Benefits• Scenarios• Setting up mod_dav• DAV tools and clients• Futures
![Page 3: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/3.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
3
What is WebDAV?(1 of 2)
• Web-based Distributed Authoring and Versioning– “DAV” is the usual short form
• Goal: enable interoperability of tools for distributed web authoring
• Turns the Web into a writeable medium
![Page 4: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/4.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
4
What is WebDAV?(2 of 2)
• Applies to all kinds of content - not just HTML and images
• Based on extensions to HTTP• Uses XML for properties, control, status• RFC 2518
![Page 5: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/5.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
5
Benefits
• Benefits for all web users:– Users– Authors– Server administrators
• Technical benefits for developers, network administrators, and security personnel
![Page 6: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/6.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
6
User Benefits
• User: defined here as a web surfer• Document metadata available• More intelligent “directory” listings
![Page 7: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/7.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
7
Author Benefits
• Author: the person who writes the content• Standard way to place content on server• Move/copy the content around• Tag the content with metadata• Overwrite protection in group scenarios
![Page 8: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/8.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
8
Administrator Benefits
• Administrator: the person running the server
• DAV namespace does not have to mirror a specific directory structure (flexibility)– Could even be used for arbitrary repositories
• Authentication via HTTP; system accounts not required (security)
![Page 9: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/9.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
9
Technical BenefitsOverview
• Properties (“metadata”)• Overwrite protection• Namespace management• Infrastructure: old and new• Replacement protocol
![Page 10: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/10.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
10
Technical BenefitsTerminology
• Collection– A collection of resources– A collection is also a resource
• Resource– Generic name for collections or member
resources• Member Resource
– “Leaves” in a URL namespace
![Page 11: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/11.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
11
Technical BenefitsProperties
• Properties are name/value pairs– Names are uniquely identified with URIs– Values are well-formed XML fragments
• All resources have properties– Files and directories– Server-defined/maintained, or client-defined
• Records metadata such as author, title, modification time, or size
![Page 12: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/12.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
12
Technical BenefitsOverwrite Protection
• Shared and exclusive locks• Locks have characteristics such as timeouts,
owners, and depth• Identified by authentication and lock token• Apply to whole resources, not portions
![Page 13: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/13.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
13
Technical BenefitsNamespace Management
• “Namespace” refers to the URL hierarchy• DAV provides mechanisms to create, move,
copy, and delete resources
![Page 14: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/14.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
14
Technical BenefitsExisting Infrastructure
• Receives benefits of HTTP infrastructure– Strong authentication– Encryption– Proxy/firewall navigation– Worldwide deployment– Huge talent pool; numerous tools, apps, etc
![Page 15: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/15.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
15
Technical BenefitsNew Infrastructure
• DAV can provide infrastructure for:– Collaboration– Metadata– Namespace management– Ordered collections– Versioning– Access control– Searching
![Page 16: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/16.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
16
Technical BenefitsReplacement Protocol
• DAV providers read/write to the web server• Can obsolete other mechanisms:
– FTP– FrontPage and Fusion proprietary protocols– Custom or one-off solutions
• Robust enough for future enhancements
![Page 17: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/17.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
17
WebDAV Under the Covers
• A protocol layered on HTTP/1.1• HTTP extensions
– New HTTP headers– New HTTP methods– Additional semantics for existing methods– HTTP/1.1 clarifies the extension process
![Page 18: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/18.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
18
New HTTP Headers
• DAV:• If:• Depth:• Overwrite:
• Destination:• Lock-Token:• Timeout:• Status-URI:
![Page 19: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/19.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
19
New HTTP MethodsOverview
• COPY, MOVE• MKCOL• PROPPATCH, PROPFIND• LOCK, UNLOCK
• Semantics for HTTP/1.1 methods:– GET, PUT, DELETE, OPTIONS
![Page 20: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/20.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
20
New HTTP MethodsCOPY, MOVE
• Pretty obvious: copy or move resources• Copying collections uses Depth: header• Destination: header specifies target• Also uses Overwrite: header• Optional request body controls the handling
of live properties
![Page 21: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/21.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
21
New HTTP MethodsMKCOL
• Create a new collection• Avoids overloading PUT method
![Page 22: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/22.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
22
New HTTP MethodsPROPPATCH, PROPFIND
• PROPPATCH is used to set, change, or delete properties on a single resource
• PROPFIND fetches one or more properties for one or more resources
![Page 23: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/23.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
23
More on PROPFIND
• Using PROPFIND anonymously allows users to discover files
• Best to require authentication• In the future:
– Browsers will want it for “nice” directories– Clients will want PROPFIND for metadata– Server will have finer granularity to hide items
![Page 24: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/24.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
24
New HTTP MethodsLOCK, UNLOCK
• Add and remove locks on resources• Both use the Lock-Token: header
![Page 25: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/25.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
25
DeltaV
• Versioning extensions for WebDAV– Completes original vision of DAV
• Internal “last call,” WG last call soon• Implementation is already happening
– Subversion– Rational’s ClearCase repository
![Page 26: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/26.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
26
Scenarios
• Collaborative authoring• Network file system• Unified repository-access protocol• Remote software engineering
– Minimal support until versioning arrives
![Page 27: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/27.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
27
Scenario: Departmental Server(1 of 2)
• Department of 20 staff• They operate a private web server• Web server acts as a repository
– File servers used to play this role• Everybody needs to author documents• Web server (vs file server) provides better
navigation, overviews, and offsite links
![Page 28: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/28.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
28
Scenario: Departmental Server(2 of 2)
• Web site is DAV-enabled– Allows remote authoring and maintenance– Allows tagging documents with metadata
• Security can be used to limit or partition areas for specific users
• Documents drop right onto the server• New pages for summaries and overviews
![Page 29: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/29.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
29
Scenario: Web Hosting(1 of 2)
• 5000 users• http://www.someisp.com/username/• No need to enter users into /etc/passwd
– Use any Apache mod_auth_* module• User directories can be distributed, shifted,
updated as needed across the filesystem
![Page 30: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/30.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
30
Scenario: Web Hosting(2 of 2)
• Apache’s httpd.conf gets complicated– Need section for each user– Something like UserDir would be great– For now, include a generated file
![Page 31: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/31.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
31
Other Scenarios
• Not restricted to the Internet• LAN environments
– Departmental workgroups– Software development teams
• WAN/VPN environments– Remote workgroups, development
• Base protocol for client/server interactions
![Page 32: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/32.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
32
Setting up mod_davOverview
• Grab and install tarball• One simple directive:DAV On– Use within <Directory> or <Location>
• Need to change file/dir ownership and privs• Enable locking• Add security as appropriate
![Page 33: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/33.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
33
Setting up mod_davInstallation
• Grab tarball:– http://www.webdav.org/mod_dav/
• Install in one of two ways:– Via APXS (easiest)– Build within the Apache source tree
• Expat (a subset) is part of Apache 1.3.9
![Page 34: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/34.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
34
Setting up mod_davExample Configuration
Alias /gstein /home/apache/davdirs/gstein<Location /gstein> DAV On</Location>
![Page 35: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/35.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
35
Setting up mod_davFilesystem Changes
• Assume Apache is run with UID “nobody” and GID “www”
% ls -la /home/apache/davdirs/gsteintotal 3drwxr-s--- 3 nobody www 1024 Jun 25 14:32 .drwxr-s--- 3 nobody www 1024 Jun 28 17:26 ..-rw-r--r-- 1 nobody www 424 Jun 26 16:36 index.htmldrwxr-s--- 4 nobody www 1024 Jun 26 13:05 specs
![Page 36: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/36.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
36
Setting up mod_davEnable Locking
• Additional directive for the lock databaseDAVLockDB /home/apache/davdirs/lock.db
• Lock databases are per-server
![Page 37: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/37.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
37
Setting up mod_davSecurity Considerations
• Prevent funny operations (CGI, includes, etc)Options None
• Prevent .htaccessAllowOverride None
• Limit method access<Limit PUT DELETE PROPFIND PROPPATCH \\ MKCOL COPY MOVE LOCK UNLOCK>
![Page 38: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/38.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
38
Limiting PROPFIND
• Note that PROPFIND is in the <Limit> directive– Limits the use of PROPFIND to authorized
users– Based on concerns mentioned earlier about
“discoverability” of a web site
![Page 39: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/39.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
39
Example Configuration<Location /> AllowOverride None Options None DAV On AuthName “my web site” AuthType basic Auth_MySQL on Auth_MySQL http_auth <Limit PUT DELETE PROPFIND PROPPATCH MKCOL COPY \\ MOVE LOCK UNLOCK> Require user gstein </Limit></Location>
![Page 40: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/40.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
40
DAV Tools and ClientsOverview
• Open source– Joe Orton’s sitecopy and cadaver– Nautilus– Subversion– Python, Perl, C client APIs
• Commercial– Adobe GoLive 5.0, Microsoft Office 2000, IE5
• Lots of DAV servers
![Page 41: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/41.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
41
DAV Tools and ClientsJoe Orton’s sitecopy
• Edit web site locally• Update remote web site• Operates via FTP or WebDAV
– More/better functionality via WebDAV• Does not do two-way synchronization
• Screem, an HTML editor, embeds sitecopy
![Page 42: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/42.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
42
DAV Tools and ClientsJoe Orton’s cadaver
• Interactive command-line tool• Provides listing, moving, copying, and
deleting of resources on the server
![Page 43: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/43.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
43
DAV Tools and ClientsNautilus
• Nautilus is the file manager for GNOME• Uses gnome-vfs
– “Virtual File System”– Can target WebDAV repositories
• Provides full GUI-based management of a DAV repository
![Page 44: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/44.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
44
DAV Tools and ClientsSubversion
• Open Source project led by Karl Fogel• Built using DAV, Neon, Apache 2.0• CVS replacement
– Can use HTTP infrastructure– Better server performance
• Modular client, server construction• Should be released before Q3 2001
![Page 45: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/45.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
45
DAV Tools and ClientsLanguage APIs
• Good for experimentation• Building new apps• Most are layered onto existing HTTP APIs
• Python API from Greg Stein• Perl API from Patrick Collins• C API (Neon) from Joe Orton
![Page 46: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/46.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
46
DAV Tools and ClientsAdobe GoLive 5.0
• One of the first Web authoring tools to support the DAV protocol
• Page design, authoring, construction• Uses locking to assist authoring teams• Site management
![Page 47: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/47.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
47
DAV Tools and ClientsMicrosoft Office 2000
• Broad distribution• Word, Excel, etc are DAV-enabled
– Open/save files directly from/to web server– Uses DAV locks for overwrite protection
• First round of Microsoft’s move to DAV– Also: IIS5, Exchange 2000
![Page 48: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/48.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
48
DAV Tools and ClientsInternet Explorer 5.0
• Enabled with the “Web Folders” add-on• Adds “Web Folders” section into Windows
Explorer, under “My Computer”– Allows drag and drop of files– Standard move/copy/delete/rename of files
![Page 49: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/49.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
49
Future Clients (Wish List)
• KDE file manager• Pharmacy (a GNOME frontend to CVS)• Emacs EFS• Mozilla
![Page 50: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/50.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
50
Implementing mod_dav
• Apache has great extensibility• But:
– Hard to add new methods– Security: file ownership, SUID helpers, etc– Alternate access to repository
• Security issues led to private repository• Module provides excellent speed
![Page 51: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/51.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
51
Futures: WebDAV
• Advanced Collections (idle; Q3 2001?)– Bindings, Ordering, References
• Searching (idle; Q3 2001?)• Access Control (semi-active; Q2 2001?)• Versioning (active; Q2 2001)
![Page 52: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/52.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
52
Futures: mod_dav
• mod_dav 1.0 was released on June 13, 2000• Apache 2.0 includes core DAV features
– fully integrated– better plug-in system– updated, complete versioning hooks
• Apache 2.1– Other DAV extensions
![Page 53: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/53.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
53
Review
• WebDAV can change the very nature of how people interact with the Web
• Great standard, replaces many protocols with a single protocol
• mod_dav brings DAV to Apache• Tools and apps are starting to appear
![Page 54: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/54.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
54
Resources
• http://www.webdav.org/
Everything you need is on this web site, or linked from it.
![Page 55: WebDAV and Apache](https://reader034.fdocuments.net/reader034/viewer/2022052604/56814c4d550346895db9571c/html5/thumbnails/55.jpg)
April 4, 2001 ApacheCon 2001: WebDAV and Apache
55
Q&A