mod_dav.xml revision 283c8419679dcabdd6605521b5094c7e31e44f4d
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd<description>Distributed Authoring and Versioning
3f08db06526d6901aa08c110b5bc7dde6bc39905nd(<a href="http://www.webdav.org/">WebDAV</a>) functionality</description>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd href="http://www.webdav.org">WebDAV</a> ('Web-based Distributed
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd Authoring and Versioning') functionality for Apache. This
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd extension to the HTTP protocol allows creating, moving,
af33a4994ae2ff15bc67d19ff1a7feb906745bf8rbowen copying, and deleting resources and collections on a remote web
3f08db06526d6901aa08c110b5bc7dde6bc39905nd server.</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd<seealso><directive module="mod_dav_fs">DavLockDB</directive></seealso>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd<seealso><directive module="core">LimitXMLRequestBody</directive></seealso>
4b5981e276e93df97c34e4da05ca5cf8bbd937dand<seealso><a href="http://www.webdav.org">WebDAV Resources</a></seealso>
ed1d958582984a7c54a6ca859e15939a414fa733nd <p>To enable <module>mod_dav</module>, add the following to a
ad74a0524a06bfe11b7de9e3b4ce7233ab3bd3f7nd <p>This enables the DAV file system provider, which is implemented
1cc20a8827ff6056399d64e3106b44d31e8e0e53nd by the <module>mod_dav_fs</module> module. Therefore, that module
74f9e2dc9461c0e91b182eff6a9828fe42496dbcnd must be compiled into the server or loaded at runtime using the
d474d8ef01ec5c2a09341cd148851ed383c3287crbowen <directive module="mod_so">LoadModule</directive> directive.</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <p>In addition, a location for the DAV lock database must be
4b575a6b6704b516f22d65a3ad35696d7b9ba372rpluem specified in the global section of your <code>httpd.conf</code>
4b575a6b6704b516f22d65a3ad35696d7b9ba372rpluem file using the <directive module="mod_dav_fs">DavLockDB</directive>
3f08db06526d6901aa08c110b5bc7dde6bc39905nd directive:</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd </example>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <p>The directory containing the lock database file must be
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd writable by the <directive module="mpm_common">User</directive>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd and <directive module="mpm_common" >Group</directive> under which
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd Apache is running.</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <p>You may wish to add a <directive module="core" type="section"
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd >Limit</directive> clause inside the <directive module="core"
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd type="section">Location</directive> directive to limit access to
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd DAV-enabled locations. If you want to set the maximum amount of
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd bytes that a DAV client can send at one request, you have to use
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd the <directive module="core">LimitXMLRequestBody</directive>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd >LimitRequestBody</directive> directive has no effect on DAV
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd requests.</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <Location /foo><br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd Dav On<br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd AuthType Basic<br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd AuthName DAV<br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <LimitExcept GET OPTIONS><br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd require user admin<br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd </LimitExcept><br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd </Location><br />
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <p><module>mod_dav</module> is a descendent of Greg Stein's <a
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd href="http://www.webdav.org/mod_dav/">mod_dav for Apache 1.3</a>. More
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd information about the module is available from that site.</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <p>Since DAV access methods allow remote clients to manipulate
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd files on the server, you must take particular care to assure that
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd your server is secure before enabling <module>mod_dav</module>.</p>
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <p>Any location on the server where DAV is enabled should be
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd protected by authentication. The use of HTTP Basic Authentication
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd is not recommended. You should use at least HTTP Digest
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd Authentication, which is provided by the
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd <module>mod_auth_digest</module> module. Nearly all WebDAV clients
ed1d958582984a7c54a6ca859e15939a414fa733nd support this authentication method. An alternative is Basic
ad74a0524a06bfe11b7de9e3b4ce7233ab3bd3f7nd connection.</p>
74f9e2dc9461c0e91b182eff6a9828fe42496dbcnd <p>In order for <module>mod_dav</module> to manage files, it must
ad74a0524a06bfe11b7de9e3b4ce7233ab3bd3f7nd be able to write to the directories and files under its control
1cc20a8827ff6056399d64e3106b44d31e8e0e53nd using the <directive module="mpm_common">User</directive> and
74f9e2dc9461c0e91b182eff6a9828fe42496dbcnd <directive module="mpm_common">Group</directive> under which
d474d8ef01ec5c2a09341cd148851ed383c3287crbowen Apache is running. New files created will also be owned by this
d474d8ef01ec5c2a09341cd148851ed383c3287crbowen <directive module="mpm_common">User</directive> and <directive
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd module="mpm_common">Group</directive>. For this reason, it is
07dc96d063d49299da433f84b5c5681da9bbdf68rbowen important to control access to this account. The DAV repository
af33a4994ae2ff15bc67d19ff1a7feb906745bf8rbowen is considered private to Apache; modifying files outside of Apache
0d0ba3a410038e179b695446bb149cce6264e0abnd (for example using FTP or filesystem-level tools) should not be
7fec19672a491661b2fe4b29f685bc7f4efa64d4nd allowed.</p>
7fec19672a491661b2fe4b29f685bc7f4efa64d4nd <p><module>mod_dav</module> may be subject to various kinds of
6116c12fdd3ed06d388fe6572e50a22e9320dfa5nd denial-of-service attacks. The <directive