Configuring WebDAV for cross-platform file sharing
Web-based Distributed Authoring and Versioning (WebDAV) is an often-overlooked protocol that can provide cross-platform file sharing with minimal client-side configuration. This article explains how to configure WebDAV servers on Windows with IIS, on Mac OS X and Linux with Apache, and how to connect using built-in WebDAV clients on all three OSes.
Windows as the WebDAV Server
WebDAV is built in to IIS 5 and later versions. On Windows XP, WebDAV is enabled by default when IIS is running. To enable IIS on Windows XP Pro, install it from Add/Remove programs, Add/Remove Windows Components. Drill down into the IIS component details in the Add/Remove dialog and choose to add the World Wide Web sub-sub-component as shown below. Follow the prompts to install and start IIS:
Once IIS is installed and running, create a folder to share. In this example, we will use f:webdav. To enable WebDAV for a particular folder, browse to it in Windows Explorer, right-click the folder, choose properties, and go to the Web Sharing tab:
Choose the Share this Folder radio button, and set Read, Write, and Directory browsing access permissions, and no Application permissions. The alias listed here is the name IIS will use, and by default is the same as the folder name:
In the IIS MMC console, you’ll now see your shared folder listed as a new virtual directory in the Default Web Site. At this point, the folder is accessible via WebDAV. For increased security, install an SSL certificate and force 128 bit encryption for the webdav virtual directory. For this example, we will stick with the default Windows Integrated Authentication.
OS X as the WebDAV Server
To enable Apache on OS X, go to System Preferences, Sharing, and turn on Personal Web Sharing:
In httpd.conf, uncomment the mod_dav module lines:
$ <strong>sudo vi /etc/httpd/http.conf</strong> .. #LoadModule unique_id_module libexec/httpd/mod_unique_id.so LoadModule setenvif_module libexec/httpd/mod_setenvif.so <strong>LoadModule dav_module libexec/httpd/libdav.so</strong> .. AddModule mod_so.c AddModule mod_setenvif.c <strong>AddModule mod_dav.c</strong>
Still in httpd.conf, add a path for the DAVLockDB and a directory definition that points to the folder to be shared. This Apache configuration requests unencrypted passwords. To increase security, install an SSL certificate and configure the webdav directory to only accept SSL connections:
.. <strong>DAVLockDB /Library/WebServer/davlocks/DAVLockDB <Directory "/Library/WebServer/Documents/webdav"> DAV On AuthName "WebDAV Login" AuthType Basic AuthUserFile /etc/httpd/.htpasswd <LimitExcept GET HEAD OPTIONS> require valid-user </LimitExcept> Order allow,deny Allow from all </Directory></strong>
Now create the directories and set permissions:
$ <strong>sudo su</strong> # <strong>mkdir /Library/WebServer/davlocks</strong> # <strong>chown www:www /Library/WebServer/davlocks</strong> # <strong>mkdir /Library/WebServer/Documents/webdav</strong> # <strong>chown www:www /Library/WebServer/Documents/webdav</strong>
Finally, create the user and password file and restart the httpd daemon:
# <strong>htpasswd -m -c /etc/httpd/.htpasswd testuser</strong> New password: Re-type new password: Adding password for user testuser # <strong>apachectl restart</strong> /usr/sbin/apachectl restart: httpd restarted
Linux as the WebDAV Server:
On Linux, use your favorite package manager to install Apache. Most distributions will use Apache httpd 2.0 which has mod_dav built-in, so the only editing of the httpd.conf file needed are the DAVLockDB and Directory definitions. Note that you can also authenticate against Active Directory or LDAP using the mod_auth_kerb or mod_auth_ldap Apache modules. For this example, we’ll stick with using htpasswd:
$ <strong>sudo vi /etc/httpd/conf/http.conf</strong> .. <strong>DAVLockDB /usr/local/apache/var/DAVLockDB <Directory "/var/www/html/webdav"> DAV On AuthName "WebDAV Login" AuthType Basic AuthUserFile /etc/httpd/.htpasswd <LimitExcept GET HEAD OPTIONS> require valid-user </LimitExcept> Order allow,deny Allow from all </Directory></strong>
Now create the directories and set permissions:
$ <strong>sudo su</strong> # <strong>mkdir /usr/local/apache/var</strong> # <strong>chown apache:apache /usr/local/apache/var</strong> # <strong>mkdir /var/www/html/webdav</strong> # <strong>chown www:www /var/www/html/webdav</strong>
Finally, on Linux create the user and password file and restart the httpd daemon:
# <strong>htpasswd -m -c /etc/httpd/.htpasswd testuser</strong> New password: Re-type new password: Adding password for user testuser # <strong>/sbin/service httpd restart</strong> Stopping httpd: [ OK ] Starting httpd: [ OK ]
Now let’s try it out by connecting some clients!
Windows as the WebDAV Client
In Internet Explorer, go to File Open, check the Open as Web Folder box, and type in the URL of the shared folder. Note: When connecting over non-SSL connections, append a “/#” to the URL here. Windows XP has two built-in methods for connecting via WebDAV. Appending /# is a workaround that forces the use of the Web Folder Client connection, which will authenticate successfully to the WebDav-enabled folder as configured here.
Click OK to open the URL and you will be prompted to login. Enter the username in the form of Domainusername. If you are logging in to IIS using a non-domain local computer account, enter the username in the form of computernameusername, where computername is the hostname of the IIS server. When connecting to Apache as configured here, enter the username and password that you created using the htpasswd command.
On successful login, the WebDAV share opens in a new Windows Explorer window, and a shortcut is added to My Network Places. You can now drag and drop files between this window and the local computer, and edit Microsoft Office documents directly.
OS X as the WebDAV Client
To connect in Finder, choose Go / Connect to server (command-K). Type in the WebDAV server URL and click Connect:
At the login prompt, fill in domain name, username and password. If you are logging in to IIS using a non-Domain account, enter the IIS server computer name in the Domain box. When connecting to Apache, enter the username and password created with htpasswd:
On successful login, the WebDAV folder is mounted:
Linux as the WebDAV Client
To connect on Linux using Konqueror, type in the URL in the address bar using webdav:// instead of http:// . At the login prompt, enter domainusername or computernameusername in the username box when connecting to IIS. When connecting to Apache, the username as configured here is testuser:
On successful login, the WebDAV folder is connected:
On all platforms, WebDAV provides some basic file-locking to prevent simultaneous file modifications. Permissions are handled by the underlying file systems and cannot be modified remotely. WebDAV has some limitations, but can be an easy solution for firewall-friendly cross-platform file sharing.