On Tue, Mar 29, 2005 at 12:13:19AM -0600, Georg Lehner wrote: > Hello! > > Last week I anounced a configuration script for easy installation of > Aolserver. Since then support for tDAV, nsldap, nsperm has been added > as well as other improvements. I am now also in touch with the Debian > package maintainer for aolserver and have included support for launching > Aolserver as a standalone daemon as is standard in this system. > > While working on tDAV I found out, that I were not able to configure "/" > as a DAV-share. I even got to compare Ethereal-traces of the > Browser-Server comunications but could not succeed anyway. > > At least at one place in the code I could work around a related bug: > while standard shares /dav/, for example are mangled into dav/ to create > lockfiles, the "//" share converts into "/" and the lock was created at > "/.lock". >
This is because a GET on a webdav resource may return a different result, for example if its a dynamically generated page and the webDAV supported GET should return source code for the page, and not the result. Most other systems use a seperate port, but I didn't really like that solution. I am open to suggestions. It should be possible to make it work on /. > > I have modified the code, that generates the default permissions for DAV > and call a init_tDAV proc at the end of the module. This routine check > if the authentication procedure is tdav::auth::local, for the respective > server and only then initializes the nsperm - permissions. > > For the lock and property directories I found a different directory > layuout which facilitates permission managment I would be interested to hear about this. In general the default lock and propeties implementations are for demonstration purposes only. > > Several features about tDAV are not clear to me yet: > > - directorycmd: is a configsection param. What is it meant to do? I am > missing the directorylisting, but setting directorycmd to a respective > tcl-procedure did not yield anything. > I think this is to return a directory listing if someone does a GET on a directory. WebDAV does not define GET for "collections". > - redirects: What are the redirects for? These are to define an alternative URL for a file or location. If you are storing data stright in the filesystem, a symlink would do the job similarly. > > - GET: is it possible to let the GET command be realized by fastpath > instead of the tDAV GET implementation? Yes originally it worked that way. For various reasons it was changed. It should be possible to support both methods by a configuration parameter. > > ------------ > > nsperm: > > The init.tcl file of this module reads files from the filesystem, after > the server has start up. This, and my wish to hand over configuration > to the initial startup led me to develop an alternative approach for > permission configuration. > > With my init.tcl implementation you would set up several ns_section's > for defining users, group and permissions. These are set by the initial > .tcl config file, and then read by the new nsperm - init.tcl. This > aleviates the need to manage files with credentials inside a chroot'ed > aolserver process' filesystem. > > Also with nsperm I have a question: > > While reading the c-code I find that the "AddUserCmd" function just > checks if the fifth argument is -allow or -deny. The rest of the > parameters are interpreted as hostnames. > > However the standard init.tcl init_nsperm proc forms commandlines with > possibly several alternating -allow and -deny branches like: > > ns_perm adduser usr pwd usrname -allow hosta hostb -deny hostc hostd > > I hope I am just missing something here. Ns_perm is also used as a demonstration here. The work I do with webdav authenticates from a database. Any suggestions on how to improve nsperm support are welcome. Dave > > ----------------- > > Best Regards, > > Jorge-Le?n > > ----------- > P.S.: My files are at http://www.magma.com.ni/sw/aolserver/ > > > -- > AOLserver - http://www.aolserver.com/ > > To Remove yourself from this list, simply send an email to <[EMAIL > PROTECTED]> with the > body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: > field of your email blank. -- Dave Bauer [EMAIL PROTECTED] http://www.thedesignexperience.org -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
