old-www/HOWTO/Apache-WebDAV-LDAP-HOWTO/config-webdav.html

<HTML
><HEAD
><TITLE
>Configuring and Setting up the
 WebDAV services</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Apache based WebDAV Server with LDAP and SSL "
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Installation"
HREF="x153.html"><LINK
REL="NEXT"
TITLE="WebDAV server management"
HREF="x383.html"></HEAD
><BODY
CLASS="sect1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Apache based WebDAV Server with LDAP and SSL</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="x153.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x383.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="sect1"
><H1
CLASS="sect1"
><A
NAME="config-webdav"
></A
>4. Configuring and Setting up the
 WebDAV services</H1
><P
> Now for the easy part. In this section we will WebDAV enable a
directory under Apache root.  </P
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN293"
></A
>4.1. Modifications to  the
<TT
CLASS="filename"
>/usr/local/apache/conf/httpd.conf</TT
></H2
><P
>&#13;Please verify that the following Apache directive appears in the 
<TT
CLASS="filename"
>/usr/local/apache/conf/httpd.conf</TT
> :</P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;  Addmodule mod_dav.c
</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
> If it does not please add it. This directive informs Apache
about DAV capability. The directive must be placed outside any
container.  </P
><P
>&#13;Next we must specify where Apache should store 
the DAVLockDB file. DAVLockDB is a lock database for the WebDAV. 
This directory should be writable by the httpd process.
</P
><P
>&#13;I store the DAVLock file under <TT
CLASS="filename"
>/usr/local/apache/var</TT
>.
I use this directory for other purposes as well. Please add the
following line to your
<TT
CLASS="filename"
>/usr/local/apache/conf/httpd.conf</TT
> to specify
that the DAVLockDB file will be under
<TT
CLASS="filename"
>/usr/local/apache/var</TT
> : </P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;  DAVLockDB      /usr/local/apache/var/DAVLock 
</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
>The directive must be placed outside any container.</P
></DIV
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN309"
></A
>4.2. Creating a directory for DAVLockDB</H2
><P
> As mentioned above a directory must be created  for DAVLockDB
that can be written by the web server process. Usually web server
process runs under the user '<EM
>nobody</EM
>' . Please
verify this for your system using the command: 
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
><B
CLASS="command"
>ps -ef | grep httpd</B
></PRE
></FONT
></TD
></TR
></TABLE
>
Under <TT
CLASS="filename"
>/usr/local/apache</TT
> create
the directory and set the permissions on it using the following
commands:  </P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;  <B
CLASS="command"
># cd /usr/local/apache</B
>
  <B
CLASS="command"
># mkdir var</B
>
  <B
CLASS="command"
># chmod -R 755 var/</B
>
  <B
CLASS="command"
># chown -R nobody var/</B
>
  <B
CLASS="command"
># chgrp -R nobody var/</B
>
</PRE
></FONT
></TD
></TR
></TABLE
></P
></DIV
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN323"
></A
>4.3. Enabling DAV</H2
><P
> Enabling DAV is a trivial task. To enable DAV for a directory
under Apache root, just add the following directive in the container
for that particular directory: </P
><P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;  DAV On
</PRE
></FONT
></TD
></TR
></TABLE
></P
><P
> This directive will enable DAV for the directory and its
sub-directories.  </P
><P
>The following is a sample configuration that will enable WebDAV
and LDAP authentication on
<TT
CLASS="filename"
>/usr/local/apache/htdocs/DAVtest</TT
>.  Place this in
the <TT
CLASS="filename"
>/usr/local/apache/conf/httpd.conf</TT
> file.
</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13; DavLockDB /tmp/DavLock
&#60;Directory "/usr/local/apache2/htdocs/DAVtest"&#62;
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
AuthName "SMA Development server"
AuthType Basic
LDAP_Debug On
#LDAP_Protocol_Version 3
#LDAP_Deref NEVER
#LDAP_StartTLS On
LDAP_Server you.ldap.server.com 
#LDAP_Port 389
# If SSL is on, must specify the LDAP SSL port, usually 636
LDAP_Port 636
LDAP_CertDbDir /usr/local/apache2/sslcert
Base_DN "o=SDS"
UID_Attr uid
DAV On
#require valid-user
require valid-user 
#require roomnumber "123 Center Building"
#require filter "(&#38;(telephonenumber=1234)(roomnumber=123))"
#require group cn=rcs,ou=Groups
&#60;/Directory&#62;
</PRE
></FONT
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN333"
></A
>4.4. Create a Directory called DAVtest</H2
><P
>As mentioned in a earlier section, all DAV directories have to
be writable by the WebServer process. In this example we assume
WebServer is running under username '<EM
>nobody</EM
>'.
This is usually the case. To check httpd is running under what user,
please use: </P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
><B
CLASS="command"
># ps -ef | grep httpd</B
></PRE
></FONT
></TD
></TR
></TABLE
><P
>Create a test directory  called '<TT
CLASS="filename"
>DAVtest</TT
>'
under <TT
CLASS="filename"
>/usr/local/apache2/htdocs</TT
> :</P
><P
><B
CLASS="command"
># mkdir /usr/local/apache/htdocs/DAVtest</B
></P
><P
>Change the permissions on the directory  to make it is
read-writable by the httpd process. Assuming the httpd is running
under username '<EM
>nobody</EM
>', use the following
commands:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;  # cd /usr/local/apache/htdocs
  # chmod -R 755 DAVtest/
  # chown -R nobody DAVtest/
  # chgrp -R nobody DAVtest/
</PRE
></FONT
></TD
></TR
></TABLE
></DIV
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN347"
></A
>4.5. Restart Apache</H2
><P
> Finally you must run the configuration test routine that comes
with Apache to  verify the syntax in <TT
CLASS="filename"
>httpd.conf</TT
> :
</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
><B
CLASS="command"
># /usr/local/apache/bin/apachectl configtest</B
></PRE
></FONT
></TD
></TR
></TABLE
><P
>&#13;If you get error messages please verify that you followed all of
the above mentioned steps correctly. If you can not figure out the
error message feel free to email me with the error message
(<A
HREF="mailto:saqib@seagate.com"
TARGET="_top"
>saqib@seagate.com</A
>).
</P
><P
>If the configtest is successful start the apache web-server: </P
><P
><B
CLASS="command"
># /usr/local/apache/bin/apachectl restart</B
></P
><P
>Now you have WebDAV enabled Apache Server with LDAP
authentication and SSL encryption.  </P
></DIV
><DIV
CLASS="sect2"
><H2
CLASS="sect2"
><A
NAME="AEN359"
></A
>4.6. WebDAV server protocol compliance testing</H2
><P
>It is very important that the WebDAV that we just implemented be fully complaint with the WebDAV-2 protocol. If it is not 
fully compatible, the client side WebDAV applications will not function properly.</P
><P
>To test the complaince we will use a tool called Litmus. Litmus is a WebDAV server protocol compliance test suite, 
which aims to test whether a server is compliant with the WebDAV protocol as specified in RFC2518. </P
><P
>Please download the Litmus source code from <A
HREF="http://www.webdav.org/neon/litmus/"
TARGET="_top"
>http://www.webdav.org/neon/litmus/</A
> and place it in the /tmp/downloads directory.</P
><P
>Then use gzip and tar to extract the files:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;<B
CLASS="command"
># cd /tmp/downloads</B
>
<B
CLASS="command"
># gzip -d litmus-0.6.x.tar.gz</B
>
<B
CLASS="command"
># tar -xvf litmus-0.6.x.tar</B
>
<B
CLASS="command"
># cd litmus-0.6.x</B
>
</PRE
></FONT
></TD
></TR
></TABLE
><P
>Compiling and installing Litmus is easy:</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;<B
CLASS="command"
># ./configure</B
>
<B
CLASS="command"
># make</B
>
<B
CLASS="command"
># make install</B
>
</PRE
></FONT
></TD
></TR
></TABLE
><P
><B
CLASS="command"
>make install</B
> will install the Litmus binary files under <TT
CLASS="filename"
>/usr/local/bin</TT
> and the help files under <TT
CLASS="filename"
>/usr/local/man</TT
></P
><P
>To the test the complaince of the WebDAV server that you just installed, please use the following command</P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="screen"
>&#13;<B
CLASS="command"
># /usr/local/bin/litmus http://you.dav.server/DAVtest userid passwd</B
>
</PRE
></FONT
></TD
></TR
></TABLE
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="x153.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x383.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Installation</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>WebDAV server management</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>