Had an interesting go-around with WebDAV on a non-production test server with Apache2 and it seemed errors were almost random. There were a number of factors involved. First, I am testing for preparation of using multiple authors to update a website. WebDAV was the logical choice. Installing WedDAV was simple enough:
- load or enable modules (a2enmod) dav, dav_fs
- load up authentication module(s) [I started with auth_digest]
- insert directives like turning DAV on
Well, it seemed to work with default settings. Since I was enabling this for authors, it was not used for a separate directory or folder, but the root folder. The initial test using ‘cadaver’ went well. It all went downhill once I started testing with Dreamweaver. Apparently, no matter what I did, Dreamweaver would not use ‘auth digest’ mode. Supposedly if you add PROPFIND to the <Limitexcept> directive, Dreamweaver should find and use Auth Digest. Nope, didn’t work. Since Apache thought the client was using ‘Auth Basic’, I decided to go ahead and use ‘Basic’. So that meant I had to create a new password file with ‘htpasswd’ which I did.
htpasswd -c /var/run/apache2/.passwordfile
Well, after restarting Apache, I tested with cadaver and I had new errors. Could not find ‘user’ One suggestion I found on the web said that you should name your user with the server name before it (much like the domainuser credentials in the Windows world) like this servernameusername [the second slash is there because it ignores the first – whatever]. This did not work either. Other mentioned it was because some Ubuntu and Debian builds did not link the ‘authz_basic’ module properly. I had this listed in my ‘mods-enabled’ folder, so it was loaded.
One novel suggestion (and I used this method) was by placing all your DAV directives in the ‘dav_fs.conf’ file in the ‘mods-enabled’ folder. Therebye automatically removing directives when DAV mods are unloaded. So ‘cadaver’ still didn’t work after all this. I knew if I could get ‘cadaver’ to see the user this time, I would be good to go, as Dreamweaver works with Auth Basic.
After all that messing around, it turned out to be pretty simple. Originally, I had checked to make sure the Digest password file had proper permissions (group had to be www-data), so that was why that worked with ‘cadaver’. When creating the new password file with htpasswd, it defaulted to group of root. I changed that file to the www-data group and everything worked. This is how my directives in dav_fs looks:
DAVLockDB /var/run/apache2/lock/davlock
DAVMinTimeout 600
<Location /webdav/>
DAV On
AuthType basic
AuthName username
AuthUserFile /var/run/apache2/.davpasswordfile
<Limitexcept GET HEAD OPTIONS PROPFIND>
Require valid-user
</Limitexcept>
</Location>
My ‘alias’ directive is still located in virtual default file. Good news is it works now!