httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sean Davis <>
Subject Re: [users@httpd] WebDAV directory allowing all access despite limits
Date Tue, 28 Feb 2006 14:45:22 GMT

On 2/28/06 9:23 AM, "Nick Kew" <> wrote:

> On Tuesday 28 February 2006 13:55, Sean Davis wrote:
>> - sean [28/Feb/2006:08:46:34 -0500] "PUT
>> /webDAV/public/Abstract.doc HTTP/1.1" 204 -
> See that "sean" in there?  Your client has authenticated itself.
> Where's the problem?

Sorry, Nick, for not explaining the problem clearly.  The problem isn't the
lack of authentication, but what I thought was too permissive authorization.
Perhaps my understanding of LimitExcept is wrong, but I thought if I had a:

   Require user sean

that I shouldn't be able PUT or DELETE.  The log entries show that I was
able to do that--hence the problem.  I don't understand why I can PUT or
DELETE with the LimitExcept directive in place.  I simply want a webDAV
directory that is read-only by the user sean.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message