Hello -
I've been experimenting with using DAV and per-user directories as a
replacement for FTP, with some success. The configuration below (minus
the rewrite rules) works as expected - authenticated users can access
their home directories using DAV with the URL
http://personalpages.domain.com/~username. Of course, they can also
access everyone elses directories, which is where the rewrite rules come
in. I have two hypothetical solutions, but haven't been able to design
a working implementation for either:
1) Rewrite incoming requests for PROPFIND, PUT, and DELETE methods so
that the request always ends in that users directory.
RewriteCond %{REQUEST_METHOD} ^(PROPFIND|PUT|DELETE)$
RewriteRule ^/~[[:alpha:]]+/(.*)$ /~%{LA-U:REMOTE_USER}/$1
If I'm understanding the documentation for mod_rewrite, the REMOTE_USER
variable should be available, but requires the use of a look-ahead.
Unfortunately in either case it doesn't seem to be set - whether or not
I use %{REMOTE_USER}, or %{LA-U:REMOTE_USER}. The resulting rewrite
logs follow beneath the configuration sample.
2) Rewrite incoming requests for an authenticated user using certain
methods to another users directory to return a 403 error. This seems
less unlikely to work as it doesn't appear Apache will allow variable
expressions in the condition string.
RewriteCond %{REQUEST_METHOD} ^(PROPFIND|PUT|DELETE)$
RewriteCond %{REQUEST_URI} !^/~%{LA-U:REMOTE_USER}/.*$
RewriteRule ^.*$ - [F]
I am only mentioning this solution in case I'm missing something
completely. The docs and the logs are consistent about this not working.
In any event, thanks in advance for your time!
Ray D.
<VirtualHost 192.168.98.32:80>
ServerAdmin [EMAIL PROTECTED]
ServerName personalpages.domain.com
ServerAlias personalpages
ServerSignature On
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/error.log
UserDir /home
UserDir disabled root
#AllowOverride FileInfo AuthConfig Limit
#Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<LocationMatch ~*>
DAV On
AuthType Digest
AuthName homes.gci.net
AuthUserFile /etc/apache2/user.passwd
<LimitExcept GET HEAD OPTIONS>
Require valid-user
</LimitExcept>
</LocationMatch>
RewriteEngine On
RewriteLog /var/log/apache2/rewrite.log
RewriteLogLevel 5
RewriteCond %{REQUEST_METHOD} ^(PROPFIND|PUT|DELETE)$
RewriteRule ^/~[[:alpha:]]+/(.*)$ /~%{LA-U:REMOTE_USER}/$1
</VirtualHost>
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/initial] (2) init rewrite engine
with reques
ted uri /~username/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/initial] (3) applying pattern
'^/~[[:alpha:]
]+/(.*)$' to uri '/~username/'
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/initial] (4) RewriteCond:
input='OPTIONS' pa
ttern='^(PROPFIND|PUT|DELETE)$' => not-matched
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/initial] (1) pass through
/~username/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (2) init rewrite engine
with reques
ted uri /~username/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (3) applying pattern
'^/~[[:alpha:]
]+/(.*)$' to uri '/~username/'
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (4) RewriteCond:
input='PROPFIND' p
attern='^(PROPFIND|PUT|DELETE)$' => matched
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/subreq] (2) init rewrite engine
with request
ed uri /~username/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/subreq] (3) applying pattern
'^/~[[:alpha:]]
+/(.*)$' to uri '/~username/'
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/subreq] (4) RewriteCond:
input='GET' pattern
='^(PROPFIND|PUT|DELETE)$' => not-matched
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/subreq] (1) pass through /~username/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (2) init rewrite engine
with request
ed uri /~username/index.html
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (3) applying pattern
'^/~[[:alpha:]]
+/(.*)$' to uri '/~username/index.html'
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (4) RewriteCond:
input='GET' pattern
='^(PROPFIND|PUT|DELETE)$' => not-matched
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (1) pass through
/~username/index.ht
ml
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (5) lookahead:
path=/~username/ var
=REMOTE_USER -> val=
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (2) rewrite
'/~username/' -> '/~/'
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (2) local path result: /~/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (2) prefixed with
document_root to
/htdocs/~/
192.168.98.48 - - [04/May/2007:13:19:05 --0800]
[homes.gci.net/sid#80b3758][rid#8b507c8/initial] (1) go-ahead with
/htdocs/~/ [OK]
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (2) init rewrite engine
with reques
ted uri /~username/
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (3) applying pattern
'^/~[[:alpha:]
]+/(.*)$' to uri '/~username/'
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (4) RewriteCond:
input='PROPFIND' p
attern='^(PROPFIND|PUT|DELETE)$' => matched
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (2) init rewrite engine
with request
ed uri /~username/
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (3) applying pattern
'^/~[[:alpha:]]
+/(.*)$' to uri '/~username/'
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (4) RewriteCond:
input='GET' pattern
='^(PROPFIND|PUT|DELETE)$' => not-matched
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b527d0/subreq] (1) pass through /~username/
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/subreq] (2) init rewrite engine
with request
ed uri /~username/index.html
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/subreq] (3) applying pattern
'^/~[[:alpha:]]
+/(.*)$' to uri '/~username/index.html'
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/subreq] (4) RewriteCond:
input='GET' pattern
='^(PROPFIND|PUT|DELETE)$' => not-matched
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4c7b8/subreq] (1) pass through
/~username/index.ht
ml
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (5) lookahead:
path=/~username/ var
=REMOTE_USER -> val=
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (2) rewrite
'/~username/' -> '/~/'
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (2) local path result: /~/
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (2) prefixed with
document_root to
/htdocs/~/
192.168.98.48 - - [04/May/2007:13:19:11 --0800]
[homes.gci.net/sid#80b3758][rid#8b4e7c0/initial] (1) go-ahead with
/htdocs/~/ [OK]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]