2007-08-09

Howto setup Apache 2.2.4 + WebDAV under Windows XP in 5 minutes

I like to use WebDAV for maven deployments : it's simple, go through most firewalls, can be secured... it's really a nice protocol. For testing purposes (and because WebDAV is currenlty broken in Proximity), I'm running Apache 2 + WebDAV under Ubuntu on my laptop and honestly, it was a piece of cake to get it working. But today, because one of my customer who is using a Win 2K server was facing really strange issues with his setup, I decided to install Apache 2 + WebDAV under Windows XP. My goal is to configure a DAV access to a remote directory with universal read-access but restricted writes. Here are the steps :

1. Download and install the latests Apache 2.2 release for Windows. In my case, I downloaded apache_2.2.4-win32-x86-no_ssl.msi and installed it for "All Users, on port 80, as a Service", in C:\Program Files\Apache Software Foundation\Apache2.2\.

2. Create a C:/Program Files/Apache Software Foundation/Apache2.2/var directory, right click on it, select the Security tab, go to the Advanced Parameters, select the Owner tab and select Administrator as owner.

Note: According to this article in the Microsoft Knowledge Base:
If the Security tab is not available, and if you cannot configure permissions for users and groups, either the file or folder that you want to apply permissions to is not an NTFS drive, or simple file sharing is enabled. To troubleshoot, follow these steps
  1. Verify that the file or folder that you want to apply permissions to is an NTFS drive. You can set permissions only on drives that are formatted to use NTFS.
  2. By default, simplified sharing is enabled in Windows XP unless you are on a domain. To work around this behavior, disable Simplified Sharing.


Disabling Simplified Sharing can be done as explained in the same article

3. Repeat the operation for C:/Program Files/Apache Software Foundation/Apache2.2/uploads.

4. Then execute the following command from apache bin directory: htdigest -c "C:/Program Files/Apache Software Foundation/Apache2.2/user.passwd" DAV-upload admin.

5. Edit C:/Program Files/Apache Software Foundation/Apache2.2/httpd.conf, activate the following modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias, mod_auth_digest, mod_authn_file. Uncomment the line: #Include conf/extra/httpd-dav.conf.

6. Restart Apache

7. Download and install Cadaver, a command-line WebDAV client for unix. Wait, it's a Unix tool... The good news is that it has been ported under Cygwin. Download Cygwin and install the cadaver package!

8. Open cygwin and launch: cadaver http://localhost/uploads

pthivent@pthivent-laptop ~ $ echo "bar" > foo.txt
pthivent@pthivent-laptop ~ $ cadaver http://localhost/uploads

Authentication required for DAV-upload on server `localhost':
Username: admin
Password:
dav:/uploads/> put foo.txt
Uploading foo.txt to `/uploads/foo.txt':
Progress: [=============================>] 100.0% of 401 bytes succeeded.
dav:/uploads/> ls
Listing collection `/uploads/': succeeded.
*foo.txt 4 Aug 10 00:16
dav:/uploads/>

Ok, dav and authentication are working, authentication a bit too much actually. I should be able to browse without authentication. Let's have a look at apache access.log. When executing cadaver http://localhost/uploads, the following entries are logged in the access file:

127.0.0.1 - - [10/Aug/2007:02:22:37 +0200] "OPTIONS /uploads/ HTTP/1.1" 200 -
127.0.0.1 - - [10/Aug/2007:02:22:37 +0200] "PROPFIND /uploads/ HTTP/1.1" 401 401

But in C:/Program Files/Apache Software Foundation/Apache2.2/extra/httpd-dav.conf, only GET and OPTIONS don't require authentication.

9. I decide to add PROPFIND to the LimitExcept list, restart Apache and execute cadaver again:

pthivent@pthivent-laptop ~ $ echo "foo" > bar.txt
pthivent@pthivent-laptop ~ $ cadaver http://localhost/uploads
dav:/uploads/> put bar.txt
Uploading bar.txt to `/uploads/bar.txt':
Progress: [=============================>] 100.0% of 401 bytes
Authentication required for DAV-upload on server `localhost':
Username: admin
Password:
succeeded.
dav:/uploads/>

Sweet, it's now working.

10. Let's try a Windows "Web Folder" now, just for the fun. Go to your "Windows network places" and "Add a network place" pointing on http://localhost/uploads... Open the location, browse it. Try to create a file/directory. Provide the required credentials :)

11. Finally, open http://localhost/uploads in IE.

Forbidden

You don't have permission to access /uploads/ on this server.

Strange, this is not what I was expecting... Let's check the error.log :

[Fri Aug 10 02:36:35 2007] [error] [client 127.0.0.1] Directory index forbidden by Options directive: C:/Program Files/Apache Software Foundation/Apache2.2/uploads/

12. Well, that's perfectly clear. Let me authorize this in the httpd-dav.conf with an Options Indexes in the uploads Directory directive.

13. Restart Apache... open IE, check again and... browse your directory this time!

Just to summarize, below a diff between the original httpd.conf and the modified one:

pthivent@pthivent-laptop /cygdrive/c/Program Files/Apache Software Foundation/Apache2.2/conf $ diff httpd.conf default/httpd.conf
71c71
< LoadModule auth_digest_module modules/mod_auth_digest.so
---
> #LoadModule auth_digest_module modules/mod_auth_digest.so
84,85c84,85
< LoadModule dav_module modules/mod_dav.so
< LoadModule dav_fs_module modules/mod_dav_fs.so
---
> #LoadModule dav_module modules/mod_dav.so
> #LoadModule dav_fs_module modules/mod_dav_fs.so
469c469
< Include conf/extra/httpd-dav.conf
---
> #Include conf/extra/httpd-dav.conf

pthivent@pthivent-laptop /cygdrive/c/Program Files/Apache Software Foundation/Apache2.2/conf $


And this is a diff between the original httpd-dav.conf and the mofified one:

pthivent@pthivent-laptop /cygdrive/c/Program Files/Apache Software Foundation/Apache2.2/conf $ diff extra/httpd-dav.conf default/httpd-dav.conf
20d19
< Options Indexes
34c33
< <LimitExcept GET OPTIONS PROPFIND>
---
> <LimitExcept GET OPTIONS>

pthivent@pthivent-laptop /cygdrive/c/Program Files/Apache Software Foundation/Apache2.2/conf $


Now, let's see how this works under Windows 2K.

18 comments:

  1. Thanks for posting this. It is very clear and worked for me.

    One small thing is the reference to setting the folder ownership. As one who is not familiar with Windows, my Properties dialog did not include the tabs you describe. It did not keep me from succeeding though.

    Nice write up!

    ReplyDelete
  2. You're welcome. Happy to know it has been helpful for you.

    About the folder ownership, you're right, a reference to activate the Security Tab is missing. I'll update the post.

    Thanks for pointing this out.

    ReplyDelete
  3. Thanks for this little how-to, it has been helpful. One small thing im sure, being new to apache/webDAV, im still trying to fin my way around and i'm it is self explanatory to most but when i do the \put hello.txt i get the following error

    dav:/uploads/> put hello.txt
    Uploading hello.txt to `/uploads/hello.txt': Could not open file: No such file o
    r directory
    dav:/uploads/>

    I assume i was suppose to create this file somewhere, but i cant seem to find where it is grabbing it from... thanks in advance.

    ReplyDelete
  4. I didn't mention I created this hello.txt file on the fly, just for testing purposes, before to launch cadaver. This file was in my user home (~) directory under cygwin. This is indeed not obvious and your assumption is right. Sorry if this wasn't clear. I've slightly modified the post to fix this.

    And BTW, when using cadaver, you can use the "local" lls, lcd, lpwd commands to manipulate the local or source folder. Check the interactive help for exhaustive informations.

    ReplyDelete
  5. Hi there ! Another "THANKS mate" for posting this : it probably saved me a whole bunch of painful hours.

    My "Apache WebDAV under XP" is operational right now, but i have to stress out that :
    - i didn't succeed in using cadaver to test WebDAV. The command "cadaver http://localhost/uploads" just... did nothing. It might be some not-installed Cygwin package, though, since this is this first time i use Cygwin, there's a *lot* i don't know about it. FWIW, Apache's "access.log" didn't trace any connexion attempt during this phase.
    - Nor did i succeed to use the Windows "Web Folders". First, it was painfully *slow*. Specifying the port number during the "web folder assistant" (ie. http://localhost:80/uploads) helped a lot to speed up the process of accessing the WebDAV folder (see http://en.wikipedia.org/wiki/WebDAV, "Microsoft Windows clients" chapter). But even at "full" speed, i never passed the passwords check, just like the password i entered was wrong. Since it worked perfectly publishing a Sunbird calendar, i assume there's something wrong with WebDAV folders on my Explorer.

    Thanks again for this brilliant how-to !

    ReplyDelete
  6. in addition to specifying the port, adding the user name to the url supposedly forces old skool auth method. like: http://user@server:port/folder

    ReplyDelete
  7. Thank you - very helpful

    ReplyDelete
  8. thanks for your post
    eclipse webdav plugin is working well with 
    apache webdav ^^ 

    ReplyDelete
  9. Your are started with windows and finally finished in unix.

    ReplyDelete
  10. Hello! This post couldn't be written any better! Reading through this post reminds me of my previous room mate! He always kept talking about this. I will forward this write-up to him. Pretty sure he will have a good read. Thank you for sharing!

    Look at my site - Air Jordan

    ReplyDelete
  11. Hi there I am so thrilled I found your web site, I really found you by error, while
    I was searching on Google for something else, Nonetheless I am here
    now and would just like to say thanks for a marvelous post
    and a all round interesting blog (I also love
    the theme/design), I don’t have time to go through it all at the minute but I have book-marked it and also added your RSS
    feeds, so when I have time I will be back to read a
    great deal more, Please do keep up the excellent b.


    My web site - nfl jerseys cheap

    ReplyDelete
  12. Hi there colleagues, fastidious post and nice urging commented
    here, I am genuinely enjoying by these.

    Also visit my web page ... garcinia cambogia extract

    ReplyDelete
  13. Good day! This is my first visit to your blog! We are a team of volunteers and starting a new project in a community in
    the same niche. Your blog provided us useful information to work
    on. You have done a outstanding job!

    Feel free to surf to my weblog ... visit This Link

    ReplyDelete
  14. I am truly grateful to the owner of this web site who has shared this enormous
    post at here.

    Feel free to surf to my blog :: Sac Louis Vuitton Pas Cher

    ReplyDelete
  15. Unquestionably believe that which you said. Your
    favorite justification appeared to be on the internet the easiest thing to
    be aware of. I say to you, I definitely get annoyed while people think about worries that they plainly do not know about.

    You managed to hit the nail upon the top and defined out the whole thing without having side-effects , people can take a signal.
    Will likely be back to get more. Thanks

    my page; Abercrombie Pas Cher

    ReplyDelete
  16. Hi there! Someone in my Facebook group shared this site with us so I came to check it out.
    I'm definitely enjoying the information. I'm bookmarking and will be tweeting this to my followers!
    Terrific blog and wonderful style and design.

    My blog post - Boutique Air Jordan

    ReplyDelete
  17. Sony Bravia Kdl55nx810 Is among the most Greatest a model in
    3d Led Flat screen tv Sony

    Also visit my web blog ... euro casino

    ReplyDelete