Apache-WebDAV-LDAP-HOWTO.pdf

Apache based WebDAV with LDAP and SSL

HOWTO

Saqib Ali

saqib@seagate.com

Revision History

Revision v3.1

2002−04−11

Revised by: sa

Updated the introduction section

Revision v3.0

2002−04−09

Revised by: sa

Added "Implementing and using SSL to secure WebDAV traffic" section

Revision v2.1

2002−03−24

Revised by: sa

Refined the WebDAV Introduction and SSL section.

Revision v2.0

2002−03−20

Revised by: sa

Added the SSL section

Revision v1.1

2001−11−29

Revised by: sa

Initial public release.

Revision v1.0

2001−11−01

Revised by: sa

Initial public release.

.This document is an HOWTO on installing a Apache based WebDAV server with LDAP for authentication

and SSL encryption.

Apache based WebDAV with LDAP and SSL HOWTO

Table of Contents

1. Introduction. ....................................................................................................................................................1

1.1. Copyright and License. .....................................................................................................................1

1.2. What is WebDAV?. ..........................................................................................................................1

1.3. What is mod_dav?.. ...........................................................................................................................1

1.4. Why use WebDAV? .........................................................................................................................1

1.5. How does WebDAV work?. .............................................................................................................2

1.6. What do we need?. ............................................................................................................................2

1.7. Assumptions.. ....................................................................................................................................2

1.8. Opinions and Suggestions. ................................................................................................................3

2. Installing WebDAV services. .........................................................................................................................4

2.1. Pre−Requirements. ............................................................................................................................4

2.1.1. OpenLDAP lib files installation. ......................................................................................4

2.1.2. OpenSSL Engine. ..............................................................................................................5

2.2. Pre−configuring Apache. ..................................................................................................................5

2.3. Configuring and Installing mod_dav. ...............................................................................................5

2.4. Installing and configuring mod_auth_ldap. ......................................................................................6

2.5. Installing and configuring mod_ss. ..................................................................................................6

2.6. Configuring and Installing Apache. ..................................................................................................6

3. Configuring and Setting up the WebDAV services. ...................................................................................8

3.1. Modifications to the /usr/local/apache/conf/httpd.conf. ..................................................................8

3.2. Creating a directory for DAVLockDB .............................................................................................8

3.3. Enabling DAV. .................................................................................................................................9

3.4. Create a Directory called DAVtest. ..................................................................................................9

3.5. Restart Apache. ...............................................................................................................................10

4. Implementing and using SSL to secure WebDAV traffic. ........................................................................11

4.1. Introduction to SSL. ........................................................................................................................11

4.1.1. Quick and Dirty on Encryption algorithms used in SSL. ...............................................11

4.2. Homegrown Certificates. ................................................................................................................12

4.3. Then why do I need a CA?. ............................................................................................................12

4.4. How to create CSR.. ........................................................................................................................12

4.5. Removing passphrase from the RSA Private Key. .........................................................................12

4.6. Trusted Certificate Authorities .......................................................................................................13

1. Introduction

The Objective of this document is to setup a Apache based WebDAV server that can authenticate against a

LDAP server. You will learn how to install, configure, run, maintain and fine−tune a Apache−based

WebDAV server. This document will provide the basic groundwork for setting up a WebDAV server. It will

also provide information on fine tuning and maintaining the server.

Note: If you encounter any problems installing Apache or any of the modules please feel free to contact

me.

WebDAV Support and Discussion Forum

This document is not a HOWTO on setting up LDAP server . For setting up a LDAP server please visit

http://www.linuxdoc.org/HOWTO/LDAP−HOWTO−1.html

1.1. Copyright and License

document under the terms of the GNU Free Documentation License, Version 1.1 or any later version

published by the Free Software Foundation; with no Invariant Sections, with no Front−Cover Texts, and with

no Back−Cover Texts. A copy of the license is available at http://www.gnu.org/copyleft/fdl.html

1.2. What is WebDAV?

WebDAV stands for Web enabled Distributed Authoring and Versioning. It provides a collaborative

environment for users to edit/manage files on web−servers. Technically DAV is an extension to the http

protocol.

Here is a brief description of the extensions provided by DAV:

Overwrite Protection:

Properties:

Name−space management:

1.3. What is mod_dav?

Please read http://www.webdav.org/mod_dav/faq/

1.4. Why use WebDAV?

1. Introduction

Apache based WebDAV with LDAP and SSL HOWTO

Using WebDAV technology people throughout the world can be working on the same document. With the

locking mechanism that DAV provides, the person who is editing the resource will lock it for editing. Others

can read it but not modify it. When the person who is editing the document, is done editing, he/she will

release the lock, and then others can modify the documents as well.

Authentication to gain access to resources is available in HTTP. This HOWTO discusses using LDAP for

authentication. Permissions using groups and users in LDAP directory can be setup to control read/write

access to various resources(documents) on the WebDAV server, so that you dont need to share passwords to

work on the same documents

If you are worried about people trying to sniff your traffic, and gain access to confidential data, then worry

not − you can always use HTTP with SSL ver3. This is the best encryption available. This documents details

on how to implement WebDAV server which uses SSL encryption for transferring data.

1.5. How does WebDAV work?

text goes here...

1.6. What do we need?

The tools needed to achieve this objective are:

· LDAP Module for Apache

Apache Web Server

· WebDAV Module for Apache

· LDAP lib file

NOTE: All of these packages are free and are available for download on the net.

We will compile all the above mentioned packages to produce binaries for the Web Server. The WebDAV

and LDAP module will be compiled statically into Apache. Static compilation results in faster execution

times. Apache was chosen, because it is the most versatile web server ever to exist. Market Shares for Top

Web Servers shows that Apache has the largest web server market share.

Apache is also being used by:

· CIHost − WebHosting provider

RackSpace − WebHosting provider

· SlashDot

1.7. Assumptions

This document assumes that you have the following already installed on your system.

gzip or gunzip − available from http://www.gnu.org

gcc and GNU make − available from http://www.gnu.org

1.5. How does WebDAV work?

Apache based WebDAV with LDAP and SSL HOWTO

The document also assumes there is a LDAP server installed elsewhere which will be used for the

authentication.

1.8. Opinions and Suggestions

If you have any questions about the information available on this document, please contact me on the

following email address: saqib@seagate.com

If you have comments and/or suggestions, please let me know as well!

1.8. Opinions and Suggestions

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: