Webdav realms

Similar Messages

• What, exactly, is a webdav realm?

  The web technologies admin document's glossary defines a WebDAV realm as "A region of a website, usually a folder or directory, that’s defined to provide access for WebDAV users and groups."
  This strikes me as a bit unclear, as a "region of a website" can be many things. Do they mean a location on a *web server* that holds files for a particular website hosted on the server?
  And in the context of the small lab network I administer, would I use one realm for every web service offered by the server? Or would I use different realms for each blog, wiki, group, etc?
  Thanks,
  Jon

  Hi Jon,
  generally, I think a Realm refers to an area within a website, as defined by some base portion of its URL, where access authorization is restricted. Usually, the simplest method to do this on Apache is with the .htaccess files. You define a Realm as the URL at which this authorization is enforced.
  At its most basic level, a "region of a website" might just be a directory, such as http://example.com/test-dir/. The web directory test-dir may map directly to a real filesystem location, such as /Library/WebServer/Document/test-dir/.
  Or a "region of a website" may instead map to a specific environmental context within an application. The URL components following the domain name may be a series of values that represent a certain state in the application. This can either be done by simply appending a query string of name=value pairs to the URL (like the URL for this post- there is no folder named ?threadID=2547419 on the disscussions.apple.com server). Or it can be more semantic, SEO friendly URLs like http://example.com/articles/2010/08/What-is-a-realm
  A specific website have have many Realms defined within itself. It is up to you, the admin, to decide when and where you need to create a Realm to restrict access or activity.
  WebDav is almost always configured inside a Realm because of the extra abilities the clients accessing the website may have: i.e. DELETE or PUT methods.
  If your "small lab network" is only accessed by the people in your small lab, and not be anonymous people out on the internet, then you could probably get by without anything too complicated. Maybe one Realm for the entire website.
  But if your wiki is used by some people, your blog is used by a different group and you don't what to share data or content between them, then yes, create a separate Realm for each area of content:
  create a Wiki-realm for /wiki
  create a blog-realm for /blog
  This will allow you to manage access to each content area separately. If you have Open Directory set up, you can configure your realms to use those user accounts so you don't have to create new username/passwords for each Realm.
  The documentation to do this is all pretty readily available from Apple.
  Does this answer your question?
  Cheers,
  Matt

• WebDAV Realms settings?

  I've got WebDAV mostly working, and have a group of users who can share a document in http://domain.com/SubDirectory/ but they can also fiddle with files in https://domain.com, which isn't the desired behavior.
  I've got that directory in their Realm, and have tried deleting and recreating their realm, but it doesn't help.
  What am I doing wrong, and how do I straighten this out? I'm hoping to eventually have multiple realms with users separated from each other...
  Many Thanks!

  It would be helpful to know exactly how you've setup the realm. Would it be possible to post the contents of the .conf file related to that virtual host (removing anything personal of course)? You can find this config file in /etc/httpd/sites/000x_yourdomain.conf.
  MacBook   Mac OS X (10.4.8)  

• WebDav realm asks for login but then says it can't be found

  Trying to access a WedDav realm I first get the request for the login username and password but then it returns "You cannot connect to this server because it cannot be found on the network. Try again later or try a different URL"
  Clearly it can be found or it wouldn't be asking for the login.
  Anyone care to help me on this one ?
  I tired to change the folder permissions and they revert when I close the lock on the get info window.

  With help from someone in another forum I found the problem.
  Even though I had checked WedDav for the site in Server Admin the dav module wasn't loading.
  Less than a minute in the terminal to edit httpd.conf and everything works.
  I don't know if this is new bug in 10.4.7 or 10.4.8 but it's consistent between 2 new installs I have. Being new to OS X server I just assumed that the UI was showing me was true. So much for that idea.

• Problem with some virtual sites and WebDAV

  I have a handful of virtual sites on a snow leopard server that have WebDAV turned on to allows the owners of the site to update them. Things were working fine until this weekend when a site owner informed me he has having problems. I use Dreamweaver CS4 to edit sites and when I set them up, I add my admin account to the WebDAV realm allowed to Read/Write and update the site. I confirmed the problem that the owner was having and had the same problem with WebDAV on that site. I quickly checked several others and found that some work fine while others give me an error. Here is the error message I get from Dreamweaver.
  I checked the log files for the site and received no useful information. I also looked in /var/log for any entries with WebDAV (grep -i webdav *), and again get no useful information. I tried setting up a new site and got the same error. One thing that I did notice is that the site did not have it's ownership changed to _www and the other sites were and get a feeling that might be part of this. Changing the ownership of all files and directories to _www did not fix the problem.
  I'm mystified as to why it works for some sites and not others and am not sure where to go to debug this issue and get it working again.
  DNS seems to be OK on the server.
  minime:~ admin$ sudo changeip -checkhostname
  Password:
  Primary address     = 207.65.119.2
  Current HostName    = minime.theporch.com
  DNS HostName        = minime.theporch.com
  The names match. There is nothing to change.
  dirserv:success = "success"
  Thank you in advance for any help you can offer.

  I'm also having the same issue. I have a feeling its related to a problem with spaces and Java, assuming that the "Top Sites" is generated with some Java application.
  Maybe Septembers OSX update will help.

• WebDAV : move from 10.4 to 10.6 : aliases no longer work.

  On OSX Server 10.4.11 I had WebDAV setup perfectly.
  I could add Aliases of externally attached hard drives into the WebDAV Realm folder(s) and they would be accessible.
  I have WebDAV setup on OSX Server 10.6.7 but the Aliases no longer work and appear as a Terminal icons / links / files.
  What have I done wrong?
  Do I have to setup a mime type for aliases created by the Finder Make Alias Apple-L

  Actually . . .my 2007 MacBook Pro 3,1 (A1226) operates fine and fast with 4 GB of RAM (2GB +2GB) so you need to check your particular model.
  The upgrade from 2GB to 4GB made a major speed difference as did an upgrade to a 7200rpm hard drive and some system cleanup (see my earlier posts).
  I think one can upgrade to 6GB the A1226 to 6GB via 2GB +4GB modules although there are some technical issues with unbalanced memory modules that somewhat offset the advantages of the 6GB memory.

• I tried "Upgrading" 10.6.8 Server to 10.8 Server. And failed.

  No question here, just a report for others to read.
  So far I have always succesfully upgraded OS X Server. I started with 10.3 server and (except the PPC to x86) I always 'upgraded' not 'migrated'. But this time, my simple server (AFP (with PHD), DNS, Firewall (ipfw), Mail with virtual domains, Web with realms) was too much for the upgrade process. Things I ran into:
  The upgrade process found out of date information (e.g. network settings that had been deleted from System Preferences) which it promoted to reality again.
  Mount points (AFP) upgraded properly
  DNS was upgraded properly. Funny thing, DNS even ran after the 10.6.8 Server had been upgraded to 10.8 Client.
  Upgrading postfix did not work. I got a strange mix of settings in /etc/postfix nd /Library/Server/Mail/Config/postfix which I was able to merge. But I never got amavisd and clamav to work. The refused to launch and I could not find the reason.
  I never got around to migrating web, Firewall, testing PHD.
  So I returned to my backup and am now back to 10.6.8 Server. Next attempt: building a clean 10.8 Server, rebuilding DNS and AFP by hand and importing Users, Groups, Machines, Machine Groups via Workspace Manager (which luckily still exists), adding Firewall (ipfw). I dread Web because I have a couple of virtual domains, webdav Realms and such.

  You might give a shout out on the OS X Server forum.

• Auto-publish keeps losing the password

  ICal 2.0.2: I've set autopublish on calendar updates to a webDAV server. Autopublish hangs waiting for password - when I type it, works fine. How do I get the password to stick so I don't have to type it for each update?

  Same problem here... (10.4.2 iCal publishes to an OSX Server WebDAV realm on the same LAN). First publish goes well, bur update requests the password again and again.

• Share ical

  Can I share one ical with two accounts?

  True David, but I have this working fine on my OS X Server. Using WebDAV realm control for who can Publish and who can not. Multiple users can share their individual iCal and because iCal has the nice on/off overlaps and color setting you can "share".
  Directions:
  1. Create a directory /Library/WebServer/Documents/iCal
  2. Set Permissions to www as owner & group
  3. Add to the site list in Server Admin with WebDAV on (I also have Folder & CGI on).
  a. Make sure you have a DNS entry set for the site added to site list.
  4. Under SA:Web:Settings:Sites:Realms: define a realm with the users in the LDAP that can Author iCal's placed here.
  5. In iCal create a new calendar to publish.
  6. Select Publish under the Calendar menu in iCal and set
  a. Calendar Name set to "on WebDAV server" Base URL: http://ical.mydomain.com/ with Login & Pass for a user that can Author under the realm.
  7. On the other users iCal's just Subscribe & you can also just Publish a new calendar for them and subscribe on the first users iCal. You get the idea.
  One thing I was gonna play with is to set a "iCal user" up in WGM with a Remote home directory. This way any user with that iCal user info could logout and login under iCal user and make changes to the Published Calendar. The Publish of the iCal file is tied to the individuals home iCal files in which iCal "Pushes" out to the WebDav directory. I hope with Leopard we will see a REAL shared iCal w/edit by multi-users.

• ICal isn't really "published"!

  Hello,
  My life literally depends on iCal, It helps me through the day.
  But the problem is that in work, they don't use apple computes, anyhow, I published a "group calendar" and I cannot access it when I'm away from the laptop or when I'm using a PC.
  All I want is to check it on the web from a pda or a pc.
  Help is highly required and appreciated.
  Thanks,
  Ammar

  The URL depends on how you've published the calendar. It is just a location on a server, either on a remote network or on a local network. For access from anywhere the server should be on the internet. Additionally, the server you are publishing to must have "WebDAV" enabled, which allows you to write to it.
  The URL to the server would be something like: http://www.hostname.com/calendarfolder/
  The server should be set up so "calendarfolder" is a folder on the web server that is set up to be writable by you using the "WebDAV" protocol (this is done by the server administrator, who should be familiar with WebDAV realms in the Apache web server). You will get a username and password from your administrator, and you can then enter the URL and the authentication information into the "Publish Calendar" dialogue box when you set up publishing for the calendar.
  After you enter your information and click "Publish", iCal will copy the calendar to the URL location and automatically update the calendar when you make changes.
  For applications that subscribe to the calendar, the URL will be the same. In iCal, you would go to the "Calendar" menu and select "Subscribe". Then enter the URL that you used to publish the calender, followed by the name of the calendar. For instance, in the example above it would be something like http://www.hostname.com/calendarfolder/mycalendar.ics.
  Let me know if anything is unclear.

• Multiple realms and webdav

  when i create a realm in a website it works ok i then share it through webdav again it works ok, when i create a second realm following the same proceedure it dosnt work any ideas  its on 10.6.6 server

  Hi!
  I have the same problem! did you solve this problem? can you give me a hint?
  Tnx,
  Stanislav

• WebDAV how to make root folders read only but contents writable

  Hi everyone.. Thanks in advance to anyone who can help me out..
  1 PERMISSIONS
  I have a working WebDAV server. In each realm (or user account) they have a setup that mocks their home folder, ie, Documents, Movies, Websites, etc.
  How can I modify the permissions so that these root folders cannot be deleted, but they can obviously have items added/deleted inside of them?
  2 QUOTAS
  Is there anyway to add quotas to WebDav accounts?
  Thanks a lot!
  -Mel

  sorry guys..
  Just figured out how to sort out the permissions.. You need to modify the WWW user the way you would normally set the standard user's permissions..
  Any help on setting the quotas?
  Thanks!
  -Mel

• 10.6.8 Server Update Broke WebDAV

  I've searched on this and seen nothing. I upgraded my SLS to 10.6.8 a couple of days ago and everything seemed to go well. However I started getting authentication problems with WebDAV. This WebDAV server has been working faultlessly for months, immediately after the upgrade we began getting authentication errors.
  The Webdav access is managed by a realm and a single group has read and write access. Since the upgrade when trying to access the WebDAV it asks for your credentials and then simply asks for them again, and again, and again...
  Any similar experiences or any thoughts?
  When I first set up WebDAV I found it incredibly buggy. Having finally got it going it works well - then this!

  Turn on the Web - Setting - Modules - mod_auth_digest_apple
  helped me - Digest authentication
  Sorry for my English

• Realm authentication not working for usergroups

  Hi...
  I have a server running 10.4.3 (8F46). I'm running one web site, and also some AFP shares. This server is bound to our corporate Active Directory server.
  I'm positive the AD integration works because my AFP shares use AD users and groups for their permissions. All but one AFP share uses an AD group for permissions. AD users are in an AD group, and they can log in to the share. It works.
  Anyways.... I want my one web site to be protected, and I'd like only one AD group to be able to access it. I am familiar with Apache from FreeBSd and OpenBSD. In ServerAdmin, I created a web site, and it works. I then created a realm, and added one AD user to the users pane. From the browser, I can connect to the web site after I authenticate as the AD user (annoyingly, I have to prepend my AD domain and a backslash to my username). My AD user can connect and view the web page.
  When I add an AD group to the groups pane, none of the member users can authenticate properly. If I remove the above user from the user pane, and add a group (containing said user) to the group pane, that user can no longer log in.
  I've consulted the 10.4 server documentation; the WebServices pdf does not get into details with realm authentication, and covers it mostly in conjunction with WebDAV.
  I find it odd that an AD user can connect when specified as a user entry, but not from within a group. It's almost as if authenticating to AD groups is broken in Apple's implementation of Apache.
  Has anyone else set up authentication with websites? Ever done it with Active Directory?
  Thanks
  /eric

  This is not limited to Active Directory as I have been unable to use groups for realm authentication with OpenLDAP either (on 10.3.9).
  I assumed it would be fixed in 10.4 but I see it has not.

• Cannot add files recursively to a WebDAV folder

  Dear all,
  I successfully setup a WebDAV folder with Access Control List on my Mac OS X 10.4 Server. I can upload and download files to this WebDAV folder with a 10-person workgroup. Everyone is able to read the write files to this folder.
  However, if any of us connect to this folder through Finder and try to upload a folder, for example "folderA" with subfolders and files, I have the following 2 problems:
  1. Since "folderA" has subfolders and my WebDAV server will complained that I don't have sufficient privileges to some of the items.
  2. If "folderA" doesn't have any subfolder but it has a large number of files, WebDAV server will sometimes ask for authentication every other files.
  I have already set up in Workgroup Manager so that the WebDAV folder is accessible by all memeber of my workgroup with "FULL CONTROL" and HTTP Users with "READ & WRITE". Also, in Server Admin, Web configuration, I have setup Realms to have all memeber of my workgroup to be able to Browse and Author.
  Please let me know if there is any advice on this.
  Thanks in advance.

  Dear all,
  Thanks for anyone interested in this posting. I think I find the answer to my own question. I think this is it:
  http://discussions.apple.com/thread.jspa?messageID=1824674&#1824674
  Thank you again.