W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2006

Webdav (apache) not enforcing limits

From: Sean Davis <sdavis2@mail.nih.gov>
Date: Tue, 28 Feb 2006 09:13:28 -0500
To: <w3c-dist-auth@w3.org>
Message-ID: <C029C4B8.6FE8%sdavis2@mail.nih.gov>

This is my first post to this list--if I am in the wrong place, please feel
free to redirect me.

I am running the following on MacOS 10.4.5:

Apache/2.0.54 (Unix) DAV/2 proxy_html/2.5 SVN/1.2.3 PHP/5.0.4 mod_perl/2.0.1

I have a webDAV directory configured as such:

<Location /webDAV/public/>
    Dav On
    AuthType Basic
    AuthName "Public WebDAV Repository"
    AuthUserFile /usr/local/apache2/passwd/htpass
    Options none
    AllowOverride none
    <LimitExcept GET HEAD OPTIONS>
        Require user sean

However, when I connect to this DAV directory (via the mac "connect to
server"), I can happily PUT, DELETE, and PROPFIND.  Below is the access log.
I'm confused as to why I can still do these things with the above
configuration. - sean [28/Feb/2006:08:46:34 -0500] "PUT
/webDAV/public/Abstract.doc HTTP/1.1" 204 -

<SNIP> - sean [28/Feb/2006:08:46:55 -0500] "DELETE
/webDAV/public/Abstract.doc HTTP/1.1" 204 - - sean [28/Feb/2006:08:46:55 -0500] "DELETE
/webDAV/public/._Abstract.doc HTTP/1.1" 204 - - sean [28/Feb/2006:08:46:55 -0500] "PROPFIND /webDAV/public/
HTTP/1.1" 207 2230 - sean [28/Feb/2006:08:49:00 -0500] "PROPFIND /webDAV/public/
HTTP/1.1" 207 560 - sean [28/Feb/2006:08:49:00 -0500] "PROPFIND /webDAV/public/
HTTP/1.1" 207 2230 - - [28/Feb/2006:08:49:00 -0500] "GET
/webDAV/public/._Templeton HTTP/1.1" 304 -
Received on Tuesday, 28 February 2006 14:13:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:13 GMT