ISPConfig 3.0.3.2 & Webdav & 403 Forbidden

Discussion in 'Installation/Configuration' started by Rescue9, Mar 4, 2011.

  1. Rescue9

    Rescue9 HowtoForge Supporter

    Here's what I've done.

    I've added the following to my domain.vhost:
    Code:
    <IfModule mod_dav_fs.c>
    # DO NOT REMOVE THE COMMENTS!
    # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
    # WEBDAV BEGIN
    # WEBDAV END
    </IfModule>
    I've then created a user in the WebDav ISPConfig panel. ALL fields are filled in.

    This updated the domain.vhost as such:
    Code:
        <IfModule mod_dav_fs.c>
        # DO NOT REMOVE THE COMMENTS!
        # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
          # WEBDAV BEGIN
    
          Alias /webdav/calendar /var/www/clients/client1/web2/webdav/calendar
          <Location /webdav/calendar>
            DAV On
            AuthType Digest
            AuthName "calendar"
            AuthUserFile /var/www/clients/client1/web2/webdav/calendar.htdigest
            Require valid-user
            Options +Indexes
            Order allow,deny
            Allow from all
          </Location>
        # WEBDAV END
        </IfModule>
    
    
    When trying to access Webdav using cadaver as mentioned here I get the following:
    Code:
    cadaver http://MYDOMAIN.net/webdav/calendar
    Could not open collection:
    403 Forbidden
    
    I also get a 403 Forbidden page when trying to view via web. I have done a2enmod dav, a2enmod dav_fs, and a2enmod auth_digest.

    My directory permissions are as such:
    Code:
    root@auriga:/var/www/MYDOMAIN.net/# ls -alh
    drwxrwx---  3 web2 client1  4096 2011-03-03 22:35 webdav
    
    root@auriga:/var/www/MYDOMAIN.net/webdav# ls -alh
    total 16K
    drwxrwx---  3 web2 client1 4.0K 2011-03-03 22:35 .
    drwxr-xr-x 15 root root    4.0K 2011-03-03 22:35 ..
    drwxrwx---  2 web2 client1 4.0K 2011-03-03 22:35 calendar
    -rw-r--r--  1 root root      59 2011-03-03 22:35 calendar.htdigest
    
    The only thing I get in the apache access.log is:
    Code:
    72.51.174.102 - - [03/Mar/2011:22:43:11 -0600] "OPTIONS /webdav/calendar/ HTTP/1.1" 403 1809 "-" "cadaver/0.23.3 neon/0.29.0"
    
    And in the error.log is:
    Code:
    [Thu Mar 03 22:35:27 2011] [error] [client 192.168.2.101] (13)Permission denied: access to /webdav/calendar denied
    
    At no time have I ever received a login window where I can put my information in. Even in Cadaver, I just get a 403 error. I'd really appreciate any help, as I'm sure it's a permissions issue, I just can't figure out where.
     
  2. till

    till Super Moderator

    Please make sure that you have the webdav and auth modules installed and enabled as described in the latest perfect setup guides. If you installed your server some time ago before webdav support was intriduced, theny they have not been installed.
     
  3. Rescue9

    Rescue9 HowtoForge Supporter

    I can only assume you're talking about the following section. If so, then yes... I have done everything in this section.

     
  4. till

    till Super Moderator

    Have you tried a different webdav client like the builtin client from windows?

    The implementation in ispconfig uses htdigest authentication and not basic authentication, so it might be nescessary that you specify the user somewhere in cadacĀ“ver or use a url like cadaver http://calendar@MYDOMAIN.net/webdav/calendar
     
  5. Rescue9

    Rescue9 HowtoForge Supporter

    I've tried that as well Till. I've tried multiple clients too. I'm stuck...

    EDIT: I didn't want to go messing with folder permissions as I like to let ISPConfig do what it needs to keep everything coherent across all my sites. However, I did change the permissions for the webdav folder as such from:
    Code:
    root@auriga:/var/www/MYDOMAIN.net# ls -al
    ...
    drwxr-xr-x  3 root root     4096 2009-07-12 20:12 var
    drwxr-xr-x 13 web2 client1  4096 2011-02-21 13:23 web
    drwxrwx---  3 web2 client1  4096 2011-03-03 22:35 webdav
    to:
    Code:
    ...
    drwxr-xr-x  3 root root     4096 2009-07-12 20:12 var
    drwxr-xr-x 13 web2 client1  4096 2011-02-21 13:23 web
    drwxrwxr-x  3 web2 client1  4096 2011-03-03 22:35 webdav
    
    After changing these permissions, I was able to get the client to login. Seeing as how I had to change these permissions manually... is there a problem with the way ISPConfig creates the folder?
     
    Last edited: Mar 4, 2011
  6. till

    till Super Moderator

    There were problems in ispconfig 3.0.3 which has been fixed in 3.0.3.1 or 3.0.3.2. With the latest version there are no known problems. But you may post a report in the bugtracker and we can check this before 3.0.3.3 gets released.
     
  7. Sander72

    Sander72 New Member

    I have the same problem on my Debian lenny setup with ISPCONFIG 3.0.4.1. At my system mod_dav is running as "www-data" which doesn't match with my webdav-permissions according to the configuration of ISPCONFIG. This is noticed before.
    See below:

    http://www.howtoforge.com/using-webdav-with-ispconfig-3-on-ubuntu-9.10:
    Because mod_dav is running with the privileges of the Apache user and group (both www-data on Ubuntu), we must change the owner and group of the /var/www/clients/client1/web1/web to www-data recursively (otherwise you won't be allowed to create/edit/delete files/directories using WebDAV):

    If I change the owner and group to www-data, everything runs fine. But I think from version 3.03 this is not the way it should be. Has someone ideas?

    See below for more information on my setup:
    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
    AssignUserId web45 client1
    </IfModule>

    <IfModule mod_dav_fs.c>
    # Do not execute PHP files in webdav directory
    <Directory /var/www/clients/client0/web45/webdav>
    <FilesMatch "\.ph(p3?|tml)$">
    SetHandler None
    </FilesMatch>
    </Directory>
    # DO NOT REMOVE THE COMMENTS!
    # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
    # WEBDAV BEGIN

    Alias /webdav/test1 /var/www/clients/client0/web45/webdav/test1
    <Location /webdav/test1>
    DAV On
    AuthType Digest
    AuthName "test1"
    AuthUserFile /var/www/clients/client0/web45/webdav/test1.htdigest
    Require valid-user
    Options +Indexes
    Order allow,deny
    Allow from all
    </Location>
    # WEBDAV END
    </IfModule>
     

Share This Page