[roadrunner's mailservers went down, sorry if this shows up twice] OK, it's been a while, and I don't use this anymore, becuase there's only one site that uses webdav, but this should allow you to limit uploads to the virtual sites that use webdav.
Put the following lines into the <VirtualHost></VirtualHost> section of httpd.conf file. Make sure to modify it for the site your working on. Alias /sitefiles/ /home/sites/site4/web/ <Location /sitefiles> DAV On ForceType text/plain <Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> AuthType basic AuthName SiteFiles Require group site4 </Limit> </Location> I should tell you what that does. First, the ForceType text/plain is not required, but if your site has an index.php, then you won't be able to upload unless you disable PHP. Likewise if your site is index.cgi or index.pl, you'll get the same problem. The Limit statement prevents anyone from using webdav for anything at all, unless they are in the group site4. This is important to consider. It does not say, "unless they are a siteadmin for site4", it says "if they are a member of site4". I don't know how to require them to be in two groups, which is the only way I know of to require the uploader to be a siteadmin. All users for a site are part of the group site4 (where 4 is the site number), and all site admins are members of the group site-adm. It would be nice if you specify two groups that the server would say that you have to be a member of site4 AND site-adm. I think that if you specify more than one group though, they get an OR put between them, and you wouldn't want siteadmins from site3 to have access to site4. Of course to use the above you will have to already have put in the other stuff for webdav, such as: Loadmodule dav_module libexec/libdav.so Addmodule mod_dav.c DAVLockDB /tmp/DAVLock DAVMinTimeout 600 Here are some cool things I would like to see somebody do with this. 1, move this out of the VirtualHost section and create some rewrite rules so that if someone requests http://<SITE_NAME>/~user/sitefiles or possibly http://<SITE_NAME/sitefiles/~user it will show the person's user directory. 2, figure out how to AND two groups together so that they can limit access to siteadmins 3, create an admin form so that you can put check boxes next to sites that should have Dav enabled. I've laid the ground work, and I'm happy to help anyway that I can with the above, but I don't have the time to do the work completely. Hope this is useful to someone, Matt Nuzum _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
