Hey there! Let’s talk about WebDAV today. If you don’t know what WebDAV is, I recommend you to read this wiki. It stands for Web Distributed Authoring and Versioning. It is a set of extensions to HTTP that facilitates collaborative editing and file management. In a nutshell, it enables write permission to the users, who used to have only read access afforded by HTTP. Nowadays, it can also be utilized by collaboration and versioning systems like SVN and GIT.
Now, without further adieu, let’s get into the deployment of WebDAV in our test environment. For this purpose, I’m going to use CentOS7 as my host operating system and Apache as the web server. You can use any other platform as per your preference. Similarly, I’m going to demonstrate both local and external authentications in WebDAV. For external authentication, I’m going to use OpenLDAP server that I had setup in my previous post.
First, let’s prepare our CentOS machine. If you don’t know how to install one, please read this article. If you also need help on doing your initial configuration, here’s another article for you. Once our CentOS is ready, we can start installing and configuring the necessary packages for our purpose. To setup WebDAV, all we need to install is Apache (httpd). To secure our web system with SSL, we would also prefer to install openssl and mod_ssl. And to implement LDAP based authentication in WebDAV, let’s also install mod_ldap.
$ sudo yum install -y httpd openssl mod_ssl mod_ldap
Once the installation is complete, verify if WebDAV has been enabled in Apache or not. If enabled, the following output will be shown in below command.
$ sudo httpd -M | grep fs dav_fs_module (shared)
Next, let’s create a directory and start using it as WebDAV based file system.
$ sudo mkdir /home/webdav $ sudo chown apache:apache /home/webdav $ sudo chmod 770 /home/webdav
Then, let’s define a config file for our WebDAV to be used by Apache.
$ sudo vi /etc/httpd/conf.d/webdav.conf # create new DavLockDB "/tmp/DavLock" Alias /webdav /home/webdav <Location /webdav> DAV On #SSLRequireSSL Options None AuthType Basic AuthName WebDAV AuthUserFile /etc/httpd/conf/.htpasswd <RequireAny> Require method GET POST OPTIONS Require valid-user </RequireAny> </Location>
Note in the configuration that I’ve defined a local authentication using AuthUserFile statement. So, I need to create user in the mentioned file. For now, I’m creating a testuser and storing its password in the authentication file.
htpasswd -c /etc/httpd/conf/.htpasswd testuser
Then, let’s verify that we can access our WebDAV location using this user. To test it locally, we can use Cadaver.
$ sudo yum -y install cadaver $ cadaver http://localhost/webdav Authentication required for WebDAV on server `localhost': Username: testuser Password: dav:/webdav/> ls Listing collection `/webdav/': succeeded. Coll: test 0 Jul 30 07:38
We can also test it from our client machines like Windows, MacOS, Linux, Android, or any other compatible platform. In Windows, we can open up the Windows Explorer and add a network location. In the network address, enter the WebDAV address path and then authenticate with correct user credentials. Once connected, we can both read and write to this location.
Setting Up LDAP Authentication
In order to perform LDAP Authentication for WebDAV, we first need to have our LDAP server available. I’ve covered the installation and configuration of OpenLDAP server in my previous post. My config file to support LDAP authentication now looks like this:
$ sudo vi /etc/httpd/conf.d/webdav.conf # create new DavLockDB "/tmp/DavLock" Alias /webdav /home/webdav <Location /webdav> DAV On #SSLRequireSSL Options None AuthType Basic AuthName WebDAV AuthBasicProvider ldap AuthLDAPURL ldap://ldap.sajjan.com.np/dc=sajjan,dc=com,dc=np?uid?sub?(objectClass=*) Require ldap-filter objectClass=posixAccount AuthUserFile /etc/httpd/conf/.htpasswd <RequireAny> Require method GET POST OPTIONS Require valid-user </RequireAny> </Location>
Let’s again verify it by using Cadaver. This time, let’s provide our LDAP user credentials.
$ cadaver http://localhost/webdav Authentication required for WebDAV on server `localhost': Username: sajjan Password: dav:/webdav/> ls Listing collection `/webdav/': succeeded. Coll: test 0 Jul 30 07:38
This completes this post. I hope this has been informative. Let me know your question in the Comments section below. Thank you!