Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 57905 invoked from network); 13 Mar 2009 01:51:26 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 13 Mar 2009 01:51:26 -0000 Received: (qmail 37944 invoked by uid 500); 13 Mar 2009 01:51:19 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 37879 invoked by uid 500); 13 Mar 2009 01:51:19 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 37870 invoked by uid 99); 13 Mar 2009 01:51:19 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Mar 2009 18:51:18 -0700 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [64.202.165.14] (HELO smtpout09.prod.mesa1.secureserver.net) (64.202.165.14) by apache.org (qpsmtpd/0.29) with SMTP; Fri, 13 Mar 2009 01:51:09 +0000 Received: (qmail 11176 invoked from network); 13 Mar 2009 01:50:48 -0000 Received: from unknown (75.41.123.129) by smtpout09.prod.mesa1.secureserver.net (64.202.165.14) with ESMTP; 13 Mar 2009 01:50:48 -0000 From: "Loyal" To: Subject: some advice re: custom WebDav (mod_dav) Date: Thu, 12 Mar 2009 18:50:48 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 Thread-Index: AcmjfiE4q8zlAlY5Quu4stzgsSdztg== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579 X-Virus-Checked: Checked by ClamAV on apache.org Hi all, I'm building a Web service that must accept small (1-50k) files pushed to it via the WebDAV protocol. I would like the Web server's DAV service to process the files immediately (stuffing the contents into a MySQL table). I also want to prevent any users from reading any files present (return an empty directory), while still allowing writing clients to read back what they wrote for a short time, say, a few minutes from the same IP, so that their DAV writes don't fail. I would like to check the filenames of the incoming writes and reject any that don't match an active user's ID (my form of auth). Otherwise, access to the drop directory would be completely open (no auth). To accomplish all this, I thought I'd create a modified version of mod_dav for Apache and run this non-standard config on a dedicated box. Anybody WebDAV experts out there with an opinion on my thinking here? Am I nuts to try this?