193354 – www-servers/apache-2.2.6. mod_dav default configuration does not work: wedav access denied

Bug 193354 - www-servers/apache-2.2.6. mod_dav default configuration does not work: wedav access denied

Summary: www-servers/apache-2.2.6. mod_dav default configuration does not work: wedav ...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All All

Importance:	High normal
Assignee:	Apache Team - Bugzilla Reports

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2007-09-21 17:47 UTC by Jon
Modified:	2007-09-21 20:08 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jon 2007-09-21 17:47:26 UTC

Hi,

I was trying to set up WebDav on my Gentoo Linux machine for web development from my windows machine. I used the default configuration file 45_mod_dav.conf, and added in the needed directories and did the username and password just like it said in the file. I never set up WebDav before, so I wanted everything default to test it out until I was comfortable with modifying it for my needs.

However, after I did everthing and made sure that the directories were chown'ed to apache:apache, I tried logging in with a WebDav client to test it, but I kept getting 403: Access Denied errors.

After spending about 5 hours researching and reading, I found a sample config that had three lines in it that I didn't have:
Options Indexes FollowSymLinks
order allow,deny
allow from all

After adding these three lines in there, the default config, with no other modifications worked perfectly. I know nothing about configuring apache, so I do not know which of the three lines did it, but it all worked after that. I would like to request that these lines are added to the default config, so that it all works out of the box for others. To show where they go I will post a larger portion of the config file.

<IfDefine DAV>
<IfModule dav_module>
<IfModule dav_fs_module>
DavLockDB "/var/lib/dav/lockdb"

# The following example gives DAV write access to a directory called
# "uploads" under the ServerRoot directory.
<IfModule alias_module>
<IfModule auth_digest_module>
<IfModule authn_file_module>
Alias /uploads "/var/www/localhost/htdocs/testing"

<Directory "/var/www/localhost/htdocs/testing">
Dav On

Options Indexes FollowSymLinks
order allow,deny
allow from all

AuthType Digest
AuthName DAV-upload
# You can use the htdigest program to create the password database:
# htdigest -c "/var/www/.htpasswd-dav" DAV-upload admin
AuthUserFile "/var/www/.htpasswd-dav"

# Allow universal read-access, but writes are restricted
# to the admin user.
<LimitExcept GET OPTIONS>
require user admin
</LimitExcept>
</Directory>
</IfModule>
</IfModule>
</IfModule>

</IfModule>
</IfModule>

Reproducible: Always

Steps to Reproduce:
To reproduce this, just do a default install, make sure that -D DAV is in /etc/conf.d/apache, and then add a user and the directoris making sure they are owned by the apache user and group. Finally, restart apache to activate all the changes. The 403 Access Denied error came up everytime.

I use a ~x86 system with the newest version of Apache in the tree, at the time of this report it's version 2.2.6. After adding those three lines, it all worked fine and I was able to modify the config to use directories that I needed.

Comment 1 Benedikt Böhm (RETIRED) gentoo-dev

2007-09-21 20:08:18 UTC

fixed in 2.2.6-r1