Return-Path: 
 <users-return-72190-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 43283 invoked from network); 5 May 2007 23:46:39 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 5 May 2007 23:46:39 -0000
Received: (qmail 91718 invoked by uid 500); 5 May 2007 23:46:35 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 91699 invoked by uid 500); 5 May 2007 23:46:35 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 91688 invoked by uid 99); 5 May 2007 23:46:35 -0000
Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 05 May 2007 16:46:35 -0700
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (herse.apache.org: domain of jslive@gmail.com designates
 209.85.132.244 as permitted sender)
Received: from [209.85.132.244] (HELO an-out-0708.google.com) (209.85.132.244)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 05 May 2007 16:46:28 -0700
Received: by an-out-0708.google.com with SMTP id d31so52388and
        for <users@httpd.apache.org>; Sat, 05 May 2007 16:46:07 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth;
        b=KC0L7FHPIhIX7lSbPAbgl0YZ1Po3YA0RuYhbjARAAI7xU66Re9pkv75Vk5FUjosXkZ8QyTrZ77Remk+Mo4iQLN71nl5eIiAu+kKm3TkWAUktq7U1Su7rpfmByRgRd00s7mvjXNNBpI8rOE+HdjosLJcwZH7EZOkFlzrtTA4IxS0=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth;
        b=Ol7xGN1WBPP8hi8GmmQKLTJWV9LgnmNLUV1C92EU7r+i9FE43g2AjIo3PjI/pcYgIt0DuxngmXF2O27qbWTfhGMsLOYLnjRWilYoJLpukcvcKg/qcI0v+gqTwLVTVI4tWPLTum1qx99MGLRIE92rTdCEVVBJPaFgurtZtCbR5Pg=
Received: by 10.100.126.2 with SMTP id y2mr3768547anc.1178408767123;
        Sat, 05 May 2007 16:46:07 -0700 (PDT)
Received: by 10.100.254.18 with HTTP; Sat, 5 May 2007 16:46:07 -0700 (PDT)
Message-ID: <e498c1660705051646w8a7b4d3j740fce9aeed3dc35@mail.gmail.com>
Date: Sat, 5 May 2007 19:46:07 -0400
From: "Joshua Slive" <joshua@slive.ca>
Sender: jslive@gmail.com
To: users@httpd.apache.org
In-Reply-To: <463BA4F5.5080307@gci.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <463BA4F5.5080307@gci.net>
X-Google-Sender-Auth: d50db6b2104de6f5
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: Re: [users@httpd] URL Rewriting and DAV with Digest Authentication

On 5/4/07, The Gaijin <gaijin@gci.net> wrote:

>
>         <LocationMatch ~*>

Use <Location /~> -- it is more efficient and safer in this case.
>
>         RewriteEngine On
>         RewriteLog /var/log/apache2/rewrite.log
>         RewriteLogLevel 5
>         RewriteCond %{REQUEST_METHOD} ^(PROPFIND|PUT|DELETE)$
>         RewriteRule ^/~[[:alpha:]]+/(.*)$ /~%{LA-U:REMOTE_USER}/$1

Since mod_rewrite uses a sub-request to grab the REMOTE_USER, I'd
guess that the problem is that all subrequests are GET requests, and
therefore unauthenticated. You may be able to get around that problem
by putting the mod_rewrite stuff into a <Directory> section where the
REMOTE_USER may be available directly (and not through a sub-request).

Alternatively, you could leave all regular userdir requests as
unathenticated, and setup a separate directory (say
http://yourhost/edit) where DAV was turned on for editing. Then in
this directory you would transparently map to the correct location:

<Location /edit>
               DAV On
               AuthType Digest
               AuthName homes.gci.net
               AuthUserFile /etc/apache2/user.passwd
</Locatoin>

RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule ^/edit(.*) /home/%1$1

All users would then access files directly under http://yourhost/edit
and get automatically (transparently) redirected to their home
directory.

By the way, I assume you are aware that your users shouldn't be given
any direct (shell) access to the filesystem if you are using mod_dav.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org