httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] URL Rewriting and DAV with Digest Authentication
Date Sat, 05 May 2007 23:46:07 GMT
On 5/4/07, The Gaijin <gaijin@gci.net> wrote:

>
>         <LocationMatch ~*>

Use <Location /~> -- it is more efficient and safer in this case.
>
>         RewriteEngine On
>         RewriteLog /var/log/apache2/rewrite.log
>         RewriteLogLevel 5
>         RewriteCond %{REQUEST_METHOD} ^(PROPFIND|PUT|DELETE)$
>         RewriteRule ^/~[[:alpha:]]+/(.*)$ /~%{LA-U:REMOTE_USER}/$1

Since mod_rewrite uses a sub-request to grab the REMOTE_USER, I'd
guess that the problem is that all subrequests are GET requests, and
therefore unauthenticated. You may be able to get around that problem
by putting the mod_rewrite stuff into a <Directory> section where the
REMOTE_USER may be available directly (and not through a sub-request).

Alternatively, you could leave all regular userdir requests as
unathenticated, and setup a separate directory (say
http://yourhost/edit) where DAV was turned on for editing. Then in
this directory you would transparently map to the correct location:

<Location /edit>
               DAV On
               AuthType Digest
               AuthName homes.gci.net
               AuthUserFile /etc/apache2/user.passwd
</Locatoin>

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule ^/edit(.*) /home/%1$1

All users would then access files directly under http://yourhost/edit
and get automatically (transparently) redirected to their home
directory.

By the way, I assume you are aware that your users shouldn't be given
any direct (shell) access to the filesystem if you are using mod_dav.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message