如何使用 Apache/WebDAV 作为经过身份验证的用户进行读/写?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/114204/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How do I read/write as the authenticated user with Apache/WebDAV?
提问by neu242
I've set up DAV in apache2, which works great. The thing is, all read/write operations are done with the apache user's credentials. Instead I want to use the HTTP authenticated user's credentials. If I authenticate as "john", all read and write operations should use the system user john's credentials (from /etc/passwd). suEXECseems like overkill since I am not executing anything, but I might be wrong...
我已经在 apache2 中设置了 DAV,效果很好。问题是,所有读/写操作都是使用 apache 用户的凭据完成的。相反,我想使用 HTTP 身份验证用户的凭据。如果我以“john”身份进行身份验证,则所有读取和写入操作都应使用系统用户 john 的凭据(来自 /etc/passwd)。 suEXEC似乎有点矫枉过正,因为我没有执行任何操作,但我可能是错的......
Here's the current configuration:
这是当前的配置:
<VirtualHost *:80>
DocumentRoot /var/www/webdav
ServerName webdav.mydomain.com
ServerAdmin [email protected]
<Location "/">
DAV On
AuthType Basic
AuthName "WebDAV Restricted"
AuthUserFile /etc/apache2/extra/webdav-passwords
require valid-user
Options +Indexes
</Location>
DAVLockDB /var/lib/dav/lockdb
ErrorLog /var/log/apache2/webdav-error.log
TransferLog /var/log/apache2/webdav-access.log
</VirtualHost>
回答by niXar
Shot answer, and as far as I know: you don't.
射击回答,据我所知:你没有。
Long answer: it is possible to implement such a feature with an appropriate mpm, and there were variousattemptsto do so, but they don't seem to be very actively supported, and are at least not in the mainline Apache codebase.
长答案:可以使用适当的 mpm 实现这样的功能,并且有各种尝试这样做,但它们似乎没有得到非常积极的支持,至少不在主线 Apache 代码库中。
peruser:
读者:
Q. Is peruser ready for production use?
A. In general, no.
问:peruser 准备好用于生产了吗?
A. 一般来说,没有。
perchild:
每个孩子:
This module is not functional. Development of this module is not complete and is not currently active. Do not use perchild unless you are a programmer willing to help fix it.
该模块不起作用。此模块的开发尚未完成,当前未处于活动状态。除非您是愿意帮助修复它的程序员,否则不要使用 perchild。
That's too bad, really; most uses of WebDav I've seen store ownership information at the application layer, in the database, anyway. The consensus for doing file sharing is to use Samba instead; and that's not really a solution, I admit.
这太糟糕了,真的;无论如何,我见过的 WebDav 的大多数用途都在应用程序层、数据库中存储所有权信息。做文件共享的共识是改用Samba;我承认,这并不是真正的解决方案。
回答by Mark Porter
We have been using davenport (http://davenport.sourceforge.net/) for years to provide access to Windows/samba shares over webdav. Samba/Windows gives a lot of control over this sort of thing, and the Davenport just makes it usable over the web over SSL without a VPN
多年来,我们一直使用 davenport ( http://davenport.sourceforge.net/) 通过 webdav 提供对 Windows/samba 共享的访问。Samba/Windows 对这类事情提供了很多控制,而 Davenport 只是让它在没有 VPN 的情况下通过 SSL 在网络上可用
