X

Blogs about Deep Learning, Machine Learning, AI, NLP, Security, Oracle Traffic Director,Oracle iPlanet WebServer

  • May 16, 2006

New Feature WebDAV Access Control Protocol In Sun Java System Web Server 7.0


New Feature WebDAV Access Control Protocol In Sun Java System Web Server 7.0


 There's a whole bunch of new stuff in Sun Java System Web Server 7.0, and you can download it for free from http://www.sun.com/download/index.jsp?cat=Web%20%26%20Proxy%20Servers&tab=3&subcat=Web%20Servers .

Remote Content Manipulation And Remote Access Control


Whenever I create website for myself for personal use or when I need to
use a website that is common to our group with more than one member
modifying the content, I always want to
  • Create, modify or delete files on a website via a HTTP
    without actually ftp'ing the files into the machine that contains the
    content.
  • Lock a page when I am modifying a file and prevent my team
    members from modifying it at the same time.
  • Create directories on a website just by sending a simple HTTP
    command remotely rather than logging into the machine where web server
    is installed and then creating the directory by typing "mkdir foo".
  • Copy and move files around without actually logging into the
    machine that contains the content.
  • Associating properties to a file.

More than that, I also want to
  • Control who can view, modify (access) the file I have created
    rather than
    telling the web site administrator to do it for me that too without a
    server
    restart.
  • Finding out how many files I myself have created inside a
    directory on a website.
  • Finding out who has created a file (Who is the owner of a file).
  • Finding out how many files I can view, modify inside a directory
    on a website.
  • Finer control of privileges like write-content, write-properties, bind, write-acl than
    merely write privileges.

WebDAV and WebDAV Access Control Protocol support in Sun Java System Web Server 7


Check this out, we have implemented ALL this Sun Java System
Web Server 7.
It was an experience reading RFC and implementing
it. What I found the toughest part was reusing the existing
infrastructure with bare minimum changes to the core and yet meeting
the deadlines !!


Sun Java System Web Server 7 now
  • Conforms to WebDAV protocol as defined by the RFC
    2518.
    • Supports the following HTTP methods GET, HEAD, OPTIONS, PUT, LOCK, UNLOCK,
      MKCOL, COPY, MOVE PROPPATCH, DELETE, PROPFIND.
  • Conforms to WebDAV Access
    Control Protocol
    as defined by
    the RFC 3744.
    • Also supports ACL,
      REPORT(DAV:acl-principal-prop-set, DAV:principal-match,
      DAV:expand-property), PROPFIND (DAV:acl and
      DAV:current-user-privilege-set property).
    • Has finer access rights like dav:all, dav:read, dav:read-acl,
      dav:read-current-user-privilege-set, dav:write, dav:write-acl,
      dav:write-properties, dav:write-content, dav:bind, dav:unbind,
      dav:unlock
      .

Assuming I am a user alpha
(and I have DAV:write-acl privileges
on this file). I want to allows all users in group foo,
read privileges, and user alpha
all privileges on a file I created, all I have to do is send an ACL
request through a WebDAV client or telnet as follows
ACL
/col1/myfile.html HTTP/1.1

Host: test.sun.com

Content-type: text/xml; charset="utf-8"

Content-Length: xxx

Authorization: xxx


<?xml version="1.0" encoding="utf-8"?>

<D:multistatus xmlns:D="DAV:">

  <D:acl>

    <D:ace>

      <D:principal>

         
<D:href>http://test.sun.com/magnus-internal/my-ldap-auth-db/groups/foo</D:href>

      </D:principal>

      <D:grant>

       
<D:privilege><D:read/></D:privilege>

      </D:grant>

    </D:ace>

    <D:ace>

      <D:principal>

          <D:href>http://
test.sun.com/magnus-internal/my-ldap-auth-db/users/alpha</D:href>

      </D:principal>

      <D:grant>

       
<D:privilege><D:all/></D:privilege>

      </D:grant>

    </D:ace>


  </D:acl>

</D:multistatus>


Explore WebDAV and WebDAV Access Control features and let us know,

Join the discussion

Comments ( 3 )
  • Thomas Belote Friday, October 13, 2006

    The ability to import windows file permissions to a WebDAV server would be nice.

    Does anyone know of a project to convert NTFS SACL and DACL to the RFC 3744 format?

    There is this tool to export (and import) NTFS ACL to a usable format:

    http://setacl.sourceforge.net/

    Anyone heard of a project to convert this format to the WebDAV ACL format?

  • Doug Thompson Wednesday, January 14, 2009

    Does this mean that Webserver 7 could be used as a front end to the source repository product subversion similar to apache?


  • Meena Thursday, January 15, 2009

    We have not implemented versioning extensions RFC http://webdav.org/specs/rfc3253.html yet in Web Server 7.0 (update 4). But you can always forward CHECKIN, CHECKOUT, UPDATE etc. functions to other servers supporting it. For more information about this write to http://forums.sun.com/forum.jspa?forumID=759


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.