W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 2006

Re: DAV 'drop box'

From: Alex Jalali <alex@ubudesign.com>
Date: Wed, 20 Dec 2006 12:15:23 -0800 (PST)
Message-ID: <27652.65.165.247.140.1166645723.squirrel@www.ubudesign.com>
To: "Tristan Fiedler" <fiedler@cshl.edu>
Cc: w3c-dist-auth@w3.org

I'm not that familiar with apache permissions but wouldn't removing GET,
DELETE ect from limit do what you need?

 <Limit GET OPTIONS PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY
 MOVE LOCK UNLOCK>


>
> I am using a DAV server for a project where authorized users will
> upload large data files to our DAV site (linux running apache).  I have
> been able to set up the apache directives to allow users to upload
> files, but wanted to know if there is a way to allow *only* file
> uploads, and thus prevent users from reading files already present in
> the DAV directory, and also from deleting/downloading files already
> present in the DAV directory.
>
> Basically, I am attempting to create a "drop box" where users must
> login, then can upload their file but not delete or read material
> already present on the DAV folder.  I currently have the httpd.conf
> file :
>
>     <Location /dav_directory>
>     DAV On
>     AllowOverride None
>     Options +Indexes
>     AuthType Basic
>     AuthName "authorization"
>     AuthUserFile /path/to/passwd/file
>     <Limit GET OPTIONS PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY
> MOVE LOCK UNLOCK>
>         Require user foobar
>     </Limit>
> </Location>
>
> Many thanks for any assistance!
>
>
>
Received on Thursday, 21 December 2006 06:57:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:15 GMT