Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

How would I get mod_dav to use the native OS authentication instead of Apache authentication?

Apache authentication mod_dav native OS
0
Posted

How would I get mod_dav to use the native OS authentication instead of Apache authentication?

0 CommentsAdd a Comment

2 Answers

0

Given that mod_dav is just that (an apache module) you will find this…. tricky (to say the least). Apache can only write files according to unix file permissions as the user the server runs as (generally ‘nobody’). Your current options (as I see them) are: 1) Compile apache with -DBIG_SECURITY_HOLE and run it as root, thereby allowing apache to setuid as needed. This is, of course, a Bad Thing(tm) to do. 2) Run an apache instance as each user who will be accessing the system. This would be a tad annoying to implement, but not impossible. It really depends on how many users you have accessing the system. If it’s a small-ish installation (< 100 users), I don't think it would be that difficult to have a small program listening on port 80 which wil take incoming requests and fire up "httpd -c username". I can think of two ways to grab the necessary username from an incoming request. This is not what I would necessarily consider ideal either, but it would be interesting to implement. 3) W

0 CommentsAdd a Comment
0

Given that mod_dav is just that (an apache module) you will find this…. tricky (to say the least). Apache can only write files according to unix file permissions as the user the server runs as (generally ‘nobody’). Your current options (as I see them) are: 1) Compile apache with -DBIG_SECURITY_HOLE and run it as root, thereby allowing apache to setuid as needed. This is, of course, a Bad Thing(tm) to do. 2) Run an apache instance as each user who will be accessing the system. This would be a tad annoying to implement, but not impossible. It really depends on how many users you have accessing the system. If it’s a small-ish installation (< 100 users), I don't think it would be that difficult to have a small program listening on port 80 which wil take incoming requests and fire up "httpd -c username". I can think of two ways to grab the necessary username from an incoming request. This is not what I would necessarily consider ideal either, but it would be interesting to implement. 3) W

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123