HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   ISPConfig 3.0.3.2 & Webdav & 403 Forbidden (http://www.howtoforge.com/forums/showthread.php?t=51740)

Rescue9 4th March 2011 05:57

ISPConfig 3.0.3.2 & Webdav & 403 Forbidden
 
Here's what I've done.

I've added the following to my domain.vhost:
Code:

<IfModule mod_dav_fs.c>
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
</IfModule>

I've then created a user in the WebDav ISPConfig panel. ALL fields are filled in.

This updated the domain.vhost as such:
Code:

    <IfModule mod_dav_fs.c>
    # DO NOT REMOVE THE COMMENTS!
    # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN

      Alias /webdav/calendar /var/www/clients/client1/web2/webdav/calendar
      <Location /webdav/calendar>
        DAV On
        AuthType Digest
        AuthName "calendar"
        AuthUserFile /var/www/clients/client1/web2/webdav/calendar.htdigest
        Require valid-user
        Options +Indexes
        Order allow,deny
        Allow from all
      </Location>
    # WEBDAV END
    </IfModule>

When trying to access Webdav using cadaver as mentioned here I get the following:
Code:

cadaver http://MYDOMAIN.net/webdav/calendar
Could not open collection:
403 Forbidden

I also get a 403 Forbidden page when trying to view via web. I have done a2enmod dav, a2enmod dav_fs, and a2enmod auth_digest.

My directory permissions are as such:
Code:

root@auriga:/var/www/MYDOMAIN.net/# ls -alh
drwxrwx---  3 web2 client1  4096 2011-03-03 22:35 webdav

root@auriga:/var/www/MYDOMAIN.net/webdav# ls -alh
total 16K
drwxrwx---  3 web2 client1 4.0K 2011-03-03 22:35 .
drwxr-xr-x 15 root root    4.0K 2011-03-03 22:35 ..
drwxrwx---  2 web2 client1 4.0K 2011-03-03 22:35 calendar
-rw-r--r--  1 root root      59 2011-03-03 22:35 calendar.htdigest

The only thing I get in the apache access.log is:
Code:

72.51.174.102 - - [03/Mar/2011:22:43:11 -0600] "OPTIONS /webdav/calendar/ HTTP/1.1" 403 1809 "-" "cadaver/0.23.3 neon/0.29.0"
And in the error.log is:
Code:

[Thu Mar 03 22:35:27 2011] [error] [client 192.168.2.101] (13)Permission denied: access to /webdav/calendar denied
At no time have I ever received a login window where I can put my information in. Even in Cadaver, I just get a 403 error. I'd really appreciate any help, as I'm sure it's a permissions issue, I just can't figure out where.

till 4th March 2011 12:20

Please make sure that you have the webdav and auth modules installed and enabled as described in the latest perfect setup guides. If you installed your server some time ago before webdav support was intriduced, theny they have not been installed.

Rescue9 4th March 2011 13:28

I can only assume you're talking about the following section. If so, then yes... I have done everything in this section.

Quote:

14 Install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt
Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt can be installed as follows:

aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby

You will see the following question:

Web server to reconfigure automatically: <-- apache2
Configure database for phpmyadmin with dbconfig-common? <-- No

Then run the following command to enable the Apache modules suexec, rewrite, ssl, actions, and include (plus dav, dav_fs, and auth_digest if you want to use WebDAV):

a2enmod suexec rewrite ssl actions include

a2enmod dav_fs dav auth_digest

Restart Apache afterwards:

/etc/init.d/apache2 restart


till 4th March 2011 14:04

Have you tried a different webdav client like the builtin client from windows?

The implementation in ispconfig uses htdigest authentication and not basic authentication, so it might be nescessary that you specify the user somewhere in cadacīver or use a url like cadaver http://calendar@MYDOMAIN.net/webdav/calendar

Rescue9 4th March 2011 14:34

I've tried that as well Till. I've tried multiple clients too. I'm stuck...

EDIT: I didn't want to go messing with folder permissions as I like to let ISPConfig do what it needs to keep everything coherent across all my sites. However, I did change the permissions for the webdav folder as such from:
Code:

root@auriga:/var/www/MYDOMAIN.net# ls -al
...
drwxr-xr-x  3 root root    4096 2009-07-12 20:12 var
drwxr-xr-x 13 web2 client1  4096 2011-02-21 13:23 web
drwxrwx---  3 web2 client1  4096 2011-03-03 22:35 webdav

to:
Code:

...
drwxr-xr-x  3 root root    4096 2009-07-12 20:12 var
drwxr-xr-x 13 web2 client1  4096 2011-02-21 13:23 web
drwxrwxr-x  3 web2 client1  4096 2011-03-03 22:35 webdav

After changing these permissions, I was able to get the client to login. Seeing as how I had to change these permissions manually... is there a problem with the way ISPConfig creates the folder?

till 4th March 2011 14:46

There were problems in ispconfig 3.0.3 which has been fixed in 3.0.3.1 or 3.0.3.2. With the latest version there are no known problems. But you may post a report in the bugtracker and we can check this before 3.0.3.3 gets released.

Sander72 4th December 2011 16:05

I have the same problem on my Debian lenny setup with ISPCONFIG 3.0.4.1. At my system mod_dav is running as "www-data" which doesn't match with my webdav-permissions according to the configuration of ISPCONFIG. This is noticed before.
See below:

http://www.howtoforge.com/using-webd...n-ubuntu-9.10:
Because mod_dav is running with the privileges of the Apache user and group (both www-data on Ubuntu), we must change the owner and group of the /var/www/clients/client1/web1/web to www-data recursively (otherwise you won't be allowed to create/edit/delete files/directories using WebDAV):

If I change the owner and group to www-data, everything runs fine. But I think from version 3.03 this is not the way it should be. Has someone ideas?

See below for more information on my setup:
# add support for apache mpm_itk
<IfModule mpm_itk_module>
AssignUserId web45 client1
</IfModule>

<IfModule mod_dav_fs.c>
# Do not execute PHP files in webdav directory
<Directory /var/www/clients/client0/web45/webdav>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN

Alias /webdav/test1 /var/www/clients/client0/web45/webdav/test1
<Location /webdav/test1>
DAV On
AuthType Digest
AuthName "test1"
AuthUserFile /var/www/clients/client0/web45/webdav/test1.htdigest
Require valid-user
Options +Indexes
Order allow,deny
Allow from all
</Location>
# WEBDAV END
</IfModule>


All times are GMT +2. The time now is 04:30.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.