Hello
I would like to know if the following is possible with NGINX :
Setup a PERSONAL webdav access to our users, that is giving
access to their unix home directories thru a secure webdav.
If I understand well the main problem is the httpd process
has to switch to the user’s identity after authentication ( LDAP )
to let him have RW access to his workspace.
Is it possible with the nginx beast ?
If yes, links to documentation would be welcome !
Thank you
On 23/04/2012 08:50, Frank B. wrote:
to let him have RW access to his workspace.
Is it possible with the nginx beast ?
If yes, links to documentation would be welcome !Thank you
Another option seems to be to run a webdav client via some kind of CGI.
There is a PHP library which gets plenty of recommendations. I’m going
to be investigating the Mojolicious webdav library because it looks easy
to extend and integrate into my environment (depends if you have the
capability to do some development). There is also a promising looking
Perl DAV implementation
I also came across a dav implementation testing tool. Don’t have the
name at my fingertips, but it seems like a rather good idea to run it
against your proposed implementation to at least baseline the kinds of
issues you can look forward to later.
If you want to use nginx then I think it works ok if you collect
together the various patches and apply permissions via nginx permission
levels. Not tried though as I decided the authentication wasn’t likely
to be flexible enough for my needs (probably the fastest option though?)
Good luck
Ed W
On 04/23/2012 03:52 PM, Ed W wrote:
has to switch to the user’s identity after authentication ( LDAP )
it looks easy to extend and integrate into my environment (depends if
permission levels. Not tried though as I decided the authentication
wasn’t likely to be flexible enough for my needs (probably the fastest
option though?)Good luck
Ed W
Hello
I’m affraid not being a developper only an admin 
I was asking in case of such function do exists …
I really think it would be a great help for our users
but I am unable to write it …
anyway thanks for your answer/explains !
On 04/23/2012 03:52 PM, Ed W wrote:
has to switch to the user’s identity after authentication ( LDAP )
it looks easy to extend and integrate into my environment (depends if
permission levels. Not tried though as I decided the authentication
wasn’t likely to be flexible enough for my needs (probably the fastest
option though?)Good luck
Ed W
hello again
maybe there are “cloud like” applications running under nginx ?
my goal is to let users manage their workspace thru user friendly
interfaces , webdav seems a solution IF the http server know how
to switch to userid. I know this is a potential security problem but
I also know there are really GOOD programmers around there
This function would be really practical with mobile devices.
On Mon, Apr 23, 2012 at 09:50:26AM +0200, Frank B. wrote:
Hi there,
Setup a PERSONAL webdav access to our users, that is giving
access to their unix home directories thru a secure webdav.If I understand well the main problem is the httpd process
has to switch to the user’s identity after authentication ( LDAP )
to let him have RW access to his workspace.
Untested; but I would suggest running one webdav instance per user,
under that userid.
Then run one “public” web server, which checks identity and does a
proxy_pass or something similar to the correct webdav instance.
That way the httpd process doesn’t have to care about switching
identities; it just acts as a client to another service which has the
right identity already.
(Depending on how you choose to deploy the webdav server, it may
be pure-nginx, or it may include something like a separate fastcgi
server. The userid of whatever process is accessing the files will need
to be correct.)
Is it possible with the nginx beast ?
If yes, links to documentation would be welcome !
You can “listen” on a unix:path, and you can “proxy_pass” to that
path, choosing which one to used based on a variable set based on the
authenticated user.
So after you have webdav access as a single user working, you just
repeat
that setup.
Francis D. [email protected]
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs