ISPConfig 3.0.3.2 & Webdav & 403 Forbidden

Here's what I've done.

I've added the following to my domain.vhost:

Code:

<IfModule mod_dav_fs.c>
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
</IfModule>

I've then created a user in the WebDav ISPConfig panel. ALL fields are filled in.

This updated the domain.vhost as such:

Code:

    <IfModule mod_dav_fs.c>
    # DO NOT REMOVE THE COMMENTS!
    # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN

      Alias /webdav/calendar /var/www/clients/client1/web2/webdav/calendar
      <Location /webdav/calendar>
        DAV On
        AuthType Digest
        AuthName "calendar"
        AuthUserFile /var/www/clients/client1/web2/webdav/calendar.htdigest
        Require valid-user
        Options +Indexes
        Order allow,deny
        Allow from all
      </Location>
    # WEBDAV END
    </IfModule>

When trying to access Webdav using cadaver as mentioned here I get the following:

Code:

cadaver http://MYDOMAIN.net/webdav/calendar
Could not open collection:
403 Forbidden

I also get a 403 Forbidden page when trying to view via web. I have done a2enmod dav, a2enmod dav_fs, and a2enmod auth_digest.

My directory permissions are as such:

Code:

root@auriga:/var/www/MYDOMAIN.net/# ls -alh
drwxrwx---  3 web2 client1  4096 2011-03-03 22:35 webdav

root@auriga:/var/www/MYDOMAIN.net/webdav# ls -alh
total 16K
drwxrwx---  3 web2 client1 4.0K 2011-03-03 22:35 .
drwxr-xr-x 15 root root    4.0K 2011-03-03 22:35 ..
drwxrwx---  2 web2 client1 4.0K 2011-03-03 22:35 calendar
-rw-r--r--  1 root root      59 2011-03-03 22:35 calendar.htdigest

The only thing I get in the apache access.log is:

Code:

72.51.174.102 - - [03/Mar/2011:22:43:11 -0600] "OPTIONS /webdav/calendar/ HTTP/1.1" 403 1809 "-" "cadaver/0.23.3 neon/0.29.0"

And in the error.log is:

Code:

[Thu Mar 03 22:35:27 2011] [error] [client 192.168.2.101] (13)Permission denied: access to /webdav/calendar denied

At no time have I ever received a login window where I can put my information in. Even in Cadaver, I just get a 403 error. I'd really appreciate any help, as I'm sure it's a permissions issue, I just can't figure out where.

 

Please make sure that you have the webdav and auth modules installed and enabled as described in the latest perfect setup guides. If you installed your server some time ago before webdav support was intriduced, theny they have not been installed.

 

I can only assume you're talking about the following section. If so, then yes... I have done everything in this section.

 

Have you tried a different webdav client like the builtin client from windows?

The implementation in ispconfig uses htdigest authentication and not basic authentication, so it might be nescessary that you specify the user somewhere in cadac´ver or use a url like cadaver http://calendar@MYDOMAIN.net/webdav/calendar

 

I've tried that as well Till. I've tried multiple clients too. I'm stuck...

EDIT: I didn't want to go messing with folder permissions as I like to let ISPConfig do what it needs to keep everything coherent across all my sites. However, I did change the permissions for the webdav folder as such from:

Code:

root@auriga:/var/www/MYDOMAIN.net# ls -al
...
drwxr-xr-x  3 root root     4096 2009-07-12 20:12 var
drwxr-xr-x 13 web2 client1  4096 2011-02-21 13:23 web
drwxrwx---  3 web2 client1  4096 2011-03-03 22:35 webdav

to:

Code:

...
drwxr-xr-x  3 root root     4096 2009-07-12 20:12 var
drwxr-xr-x 13 web2 client1  4096 2011-02-21 13:23 web
drwxrwxr-x  3 web2 client1  4096 2011-03-03 22:35 webdav

After changing these permissions, I was able to get the client to login. Seeing as how I had to change these permissions manually... is there a problem with the way ISPConfig creates the folder?

 

There were problems in ispconfig 3.0.3 which has been fixed in 3.0.3.1 or 3.0.3.2. With the latest version there are no known problems. But you may post a report in the bugtracker and we can check this before 3.0.3.3 gets released.

 

I have the same problem on my Debian lenny setup with ISPCONFIG 3.0.4.1. At my system mod_dav is running as "www-data" which doesn't match with my webdav-permissions according to the configuration of ISPCONFIG. This is noticed before.
See below:

http://www.howtoforge.com/using-webdav-with-ispconfig-3-on-ubuntu-9.10:
Because mod_dav is running with the privileges of the Apache user and group (both www-data on Ubuntu), we must change the owner and group of the /var/www/clients/client1/web1/web to www-data recursively (otherwise you won't be allowed to create/edit/delete files/directories using WebDAV):

If I change the owner and group to www-data, everything runs fine. But I think from version 3.03 this is not the way it should be. Has someone ideas?

See below for more information on my setup:
# add support for apache mpm_itk
<IfModule mpm_itk_module>
AssignUserId web45 client1
</IfModule>

<IfModule mod_dav_fs.c>
# Do not execute PHP files in webdav directory
<Directory /var/www/clients/client0/web45/webdav>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN

Alias /webdav/test1 /var/www/clients/client0/web45/webdav/test1
<Location /webdav/test1>
DAV On
AuthType Digest
AuthName "test1"
AuthUserFile /var/www/clients/client0/web45/webdav/test1.htdigest
Require valid-user
Options +Indexes
Order allow,deny
Allow from all
</Location>
# WEBDAV END
</IfModule>