Per user webdav access to their home directories ?

Francis Daly francis at daoine.org
Mon Apr 23 11:30:30 UTC 2012


On Mon, Apr 23, 2012 at 09:50:26AM +0200, Frank Bonnet wrote:

Hi there,

> Setup a PERSONAL webdav access to our users, that is giving
> access to their unix home directories thru a secure webdav.
> 
> If I understand well the main problem is the httpd process
> has to switch to the user's identity after authentication ( LDAP )
> to let him have RW access to his workspace.

Untested; but I would suggest running one webdav instance per user,
under that userid.

Then run one "public" web server, which checks identity and does a
proxy_pass or something similar to the correct webdav instance.

That way the httpd process doesn't have to care about switching
identities; it just acts as a client to another service which has the
right identity already.

(Depending on how you choose to deploy the webdav server, it may
be pure-nginx, or it may include something like a separate fastcgi
server. The userid of whatever process is accessing the files will need
to be correct.)

> Is it possible with the nginx beast ?
> If yes, links to documentation would be welcome !

You can "listen" on a unix:path, and you can "proxy_pass" to that
path, choosing which one to used based on a variable set based on the
authenticated user.

So after you have webdav access as a single user working, you just repeat
that setup.

	f
-- 
Francis Daly        francis at daoine.org



More information about the nginx mailing list