September 2003 SIGUCCS ‘03 Paper # 62 WebDAV: What It Is, What It Does, Why You Need It by Luis O. Hernández Mahmoud Pegah.

Presentation transcript:


The WebDAV Session
- Explain WebDAV
- Demonstrate the use of WebDAV in both Windows and Apple systems
- Share Ringling School’s framework
- Address issues that Ringling School has experienced with WebDAV
- Propose suggestions that could make WebDAV stronger and more usable

WebDAV: What Is It?
- WebDAV: Web Distributed Authoring and Versioning
- Allows web development teams and other workgroups to share files
- Allows easy setup for administrators and ease of use for users

Distribution, Installation, and Configuration

WebDAV: Distribution Used
- Apache v
- WebDAV module v1.3.6
- LDAP module v2.3
- Netscape LDAP v4.1

WebDAV: Installation
- Include the WebDAV and LDAP module with the Apache installation during configuration:

    # Apache web server configure command
    ./configure \
      --prefix=/local/apache_ \
      --enable-module=proxy \
      --activate-module=src/modules/dav/libdav.a \
      --activate-module=src/modules/ldap/mod_auth_ldap.c

WebDAV: Configuration (Part 1)
- You do not need to do anything to the Apache configuration until you require LDAP support:

    # Enable WebDAV support
    AddModule mod_dav.c
    DAVLockDB /local/apache/var/DAVLock

WebDAV: Configuration (Part 2)
- Two configuration options for authentication mechanisms:
  - WebDAV with standard htpasswd support
  - WebDAV with LDAP support

WebDAV: Configuration (Part 3)
- Simple configuration within a directory enables WebDAV support:

    # WebDAV folder for a Project
    DAV On
    #RSADShareDAVOwnerUID [owneruid]
    #RSADShareDAVSize [Quota in MB]
    AllowOverride None
    AuthName "[Project Title]"
    AuthType Basic
    AuthUserFile [/.hiddenFolder/.hiddenFile]
    Require user [user names]
    Order Deny,Allow
    Deny from all
    Allow from trusteddomain.com

WebDAV: Configuration (Part 4)
- Simple WebDAV Configuration
[Diagram: Web Server; Mac OS X Clients; Windows Clients; Other Clients]

WebDAV: Configuration (Part 5)
- WebDAV configuration with LDAP support

    # WebDAV folder for a Project
    DAV On
    #RSADShareDAVOwnerUID [owneruid]
    #RSADShareDAVSize [Quota in MB]
    AllowOverride None
    AuthName "[Project Title]"
    AuthType Basic
    Require user [user names]
    Order Deny,Allow
    Deny from all
    Allow from trusteddomain.com
    LDAP_Server ldap.yourdomain.com
    LDAP_Port 389
    Base_DN "[BaseDN]"
    UID_Attr uid

WebDAV: Configuration (Part 6)
- WebDAV configuration with LDAP support for user authentication
[Diagram: Web Server; Mac OS X Clients; Windows Clients; Other Clients; LDAP Server]

WebDAV: Configuration (Part 7)
- User files are available through the Internet. Unless the user publishes a website, s/he may want to prevent Internet access to those files. To do that, include the “GET” and “POST” attributes in the “Limit” directive.

WebDAV: Other Distributions
- Servers
  - Internet Information Server
  - Mac OS X Server
  - Neon Web Server v0.23.9, open source

WebDAV: Other Distributions
- Clients
  - Microsoft Windows 2000 and up
  - Mac OS X
  - GNOME Nautilus
  - KDE
  - Goliath (Mac OS 9)
  - Java DAV Explorer for JVM
  - Cadaver for UNIX terminals

WebDAV: Other Distributions
- Additional Client Distributions
  - jEdit WebDAV plugin for jEdit text-editing application
  - Eldav for Emacs
- APIs
  - PerlDAV
  - PythonDAV
- File-system driver
  - DAVfs for Linux

How to Connect to a Web Share

WebDAV: Connect from Windows
- Depends on the version

WebDAV: Connect from Apple
- Click on the Desktop
- Press Command Key + K
- Enter the share address and your credentials when prompted

WebDAV: Monitoring the Shares
- Ringling School created custom monitoring tools to check for quota usage on each share
- The following attributes were added to the WebDAV Apache configuration for the custom tool:
  - RSADShareDAVOwnerUID (user name)
  - RSADShareDAVSize (MB)
- Scripts are available at

Security

WebDAV: Authentication
- WebDAV authentication is sent in clear text
- For security purposes, allow only campus connections to the shares
- Apple will enable encrypted connections to WebDAV shares from their upcoming OS, Panther

WebDAV: DoS Attacks
- Multiple users could create a DoS situation if they upload large files at the same time
- An increase in server memory and an increase in Apache processes should diminish the probability of DoS

WebDAV: Module Signature
- All Apache modules, including WebDAV, are identified in the server signature
- NetCraft.net provides information about any server on the Internet
- Malicious intruders can use the server signature to find vulnerabilities in the system
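
To see what a server signature gives away, the added example below (not from the presentation) splits a Server header into its product tokens and lists everything disclosed beyond the server name; the sample banners and module names are constructed. Apache's `ServerTokens Prod` setting reduces the header to the bare product name, which is the second case.

```python
import re

# A Server header is a sequence of product tokens (name or name/version)
# and parenthesised comments.
TOKEN = re.compile(
    r"\((?P<comment>[^)]*)\)|(?P<name>[^\s/()]+)(?:/(?P<version>[^\s()]+))?"
)

def parse_server_header(value):
    """Return the header's components in order as (kind, name, version) tuples."""
    parts = []
    for m in TOKEN.finditer(value):
        if m.group("comment") is not None:
            parts.append(("comment", m.group("comment"), None))
        else:
            parts.append(("product", m.group("name"), m.group("version")))
    return parts

def audit_signature(value):
    """List what the banner tells a remote reader beyond the server's name."""
    parts = parse_server_header(value)
    products = [p for p in parts if p[0] == "product"]
    findings = []
    # The first product token is the server itself; its version is a disclosure.
    if products and products[0][2]:
        findings.append(f"core version disclosed: {products[0][1]}/{products[0][2]}")
    # Every later product token names a loaded module.
    for _kind, name, version in products[1:]:
        findings.append(f"module disclosed: {name}" + (f"/{version}" if version else ""))
    for kind, text, _version in parts:
        if kind == "comment":
            findings.append(f"platform comment disclosed: {text}")
    return findings

# Constructed banners (not captured from any real host): a full signature
# listing a DAV module and an auth module, and a product-only one.
FULL = "Apache/1.3.0 (Unix) DAV/1.0.0 mod_example_auth/2.3"
MINIMAL = "Apache"

if __name__ == "__main__":
    for banner in (FULL, MINIMAL):
        print(banner, "->", audit_signature(banner) or "nothing beyond the product name")
```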

Lessons Learned
- No Quota System
- Single Authoritative User
- Replication

WebDAV: No Quota System
- Custom monitoring tools necessary to enforce quota usage
- Tools report quota breach to administrator
- Tools available at
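
An added example of the kind of quota monitor described here and on the "Monitoring the Shares" slide (it is not Ringling School's script, which this page does not include). It assumes each share is a `<Directory>` container carrying the two commented attributes; the function names, the `alert_ratio` threshold and the sample shares are constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: each share is a <Directory PATH> container carrying the two
# commented attributes named on the slide; only this tool reads the comments.
DIR_OPEN = re.compile(r'^\s*<Directory\s+"?([^">]+)"?\s*>', re.I)
DIR_CLOSE = re.compile(r'^\s*</Directory\s*>', re.I)
ATTR = re.compile(r'^\s*#\s*(RSADShareDAVOwnerUID|RSADShareDAVSize)\s+(\S+)')

def parse_shares(conf_text):
    """Return one dict per <Directory> block that declares a numeric quota."""
    shares, current = [], None
    for line in conf_text.splitlines():
        opened, attr = DIR_OPEN.match(line), ATTR.match(line)
        if opened:
            current = {"path": opened.group(1), "owner": None, "quota_mb": None}
        elif DIR_CLOSE.match(line):
            if current and current["quota_mb"] is not None:
                shares.append(current)
            current = None
        elif attr and current is not None:
            if attr.group(1) == "RSADShareDAVOwnerUID":
                current["owner"] = attr.group(2)
            elif attr.group(2).isdigit():
                current["quota_mb"] = int(attr.group(2))
    return shares

def usage_bytes(root):
    """Sum file sizes under root; symlinks are counted as links, not followed."""
    total = 0
    for dirpath, _dirs, files in os.walk(root):
        total += sum(os.lstat(os.path.join(dirpath, f)).st_size for f in files)
    return total

def quota_report(conf_text, alert_ratio=0.9):
    """Label each share ok, warn (at or above alert_ratio of quota) or breach."""
    report = []
    for share in parse_shares(conf_text):
        used, limit = usage_bytes(share["path"]), share["quota_mb"] * 1024 * 1024
        status = "breach" if used > limit else "warn" if used >= alert_ratio * limit else "ok"
        report.append({**share, "used_bytes": used, "status": status})
    return report

def demo():
    """Constructed data: two temp shares with 1 MB quotas, one holding 2 MB."""
    base, conf = tempfile.mkdtemp(), ""
    for name, owner, size in (("projA", "alice", 2 * 1024 * 1024), ("projB", "bob", 1000)):
        path = os.path.join(base, name)
        os.mkdir(path)
        with open(os.path.join(path, "data.bin"), "wb") as fh:
            fh.write(b"\0" * size)
        conf += (f"<Directory {path}>\n  DAV On\n  #RSADShareDAVOwnerUID {owner}\n"
                 f"  #RSADShareDAVSize 1\n</Directory>\n")
    return quota_report(conf)

if __name__ == "__main__":
    for row in demo():
        print(row["owner"], row["path"], row["used_bytes"], row["status"])
```

Because all shares are owned by the one Apache user, the report works from directory usage rather than per-user filesystem quotas.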

WebDAV: Single Authoritative User
- A typical install of Apache does not allow for changing the running user identification
- Apache can be installed to allow for changing the running user identification, but then it must also run as root, which is in itself a security vulnerability
- All web shares are owned by one user who also owns Apache running processes
- Users can overwrite each other’s files in a share

WebDAV: Replication
- Apache v
- WebDAV module v1.3.6
- LDAP module v2.3
- Netscape LDAP v4.1
- Solaris 8
- SunFire 280R, 2GB memory

Helpful Suggestions
- Directory Quotas
- Quota Attributes
- Apache SetUID
- WebDAV Support in NAS Devices

WebDAV: Directory Quotas
- Some software vendors (Novell) already support directory quotas
- No open source solution yet available
- Allows web shares to comply with quota limits with a single authoritative user

WebDAV: Quota Attributes
- New attributes that work with the WebDAV module would alert users of quota breaches and would set quota limits
  - DAVDiskLimit – sets quota limit in MB
  - DAVOwner – address of user
  - DAVAlertOn – alarm limit to alert owner

WebDAV: Apache SetUID
- Allow the WebDAV module to set the ownership of the running process so that it can act on behalf of authenticated users and not the process owner of the web server
- Internet Draft, Quota and Size Properties for DAV Collections, explains properties and minor behaviors needed for clients to interoperate with quota implementations on web folders

WebDAV: Support in NAS Devices
- Network Appliance Servers support CIFS, NFS, HTTP, FTP, and NDMP, but not WebDAV
- WebDAV support in NAS devices would be easy to implement since HTTP is already supported
- Administration of WebDAV enabled NAS devices would improve with a WebDAV “broker”

WebDAV: NAS WebDAV Broker
- Clients would connect to the WebDAV broker instead of the NAS devices
- The WebDAV broker would be responsible for authenticating the users with an LDAP server
[Diagram: NAS; WebServer; LDAP Server; Other Clients; Windows Clients; Mac OS X Clients]

WebDAV: NAS WebDAV Broker
- After authentication, the broker would send a list of available shares to the client
- The client then connects to the NAS devices directly
[Diagram: NAS; Other Clients; Windows Clients; Mac OS X Clients]

WebDAV: Announcing a New Service!
- Service initially released with a minimal amount of users
- Faculty learns of web share availability with introduction to IT upon employment
- Online tutorials available at
- Students have been helpful in spreading the word

Thank You!