Manualshelf

Specifications

ManualsBrandsApple ManualsNetwork CardMac OS X Server
11121314151617181920
Understanding WebDAV
If you use WebDAV to provide live authoring on your website, you must create
realms and set access privileges for users. Each site you host can be divided into a
number of realms, each with its own set of users and groups that have browsing
or authoring privileges.
Setting WebDAV Privileges
The Apache process running on the server must have access to the websites les
and folders. To provide this access, Mac OS X Server installs a user named www and
a group named www in the servers Users & Groups List. The Apache processes that
serve webpages run as the www user and as members of the www group.
You must give the www group Read access to les in websites so the server can
transfer the les to browsers when users connect to the sites. The Apache process
runs with an eective user ID and group ID of www and needs access to the les and
directories in the WebDAV realm and in the /var/run/davlocks/ folder.
Understanding WebDAV Security
In Mac OS X Server v10.6, WebDAV lets you use a web server as a le server. Clients use
their browsers from multiple locations, on many types of computers, to access and
share les on the server. For more information about using WebDAV for le sharing,
see “Using WebDAV to Share Files” on page 52.
WebDAV also lets users update les on a website while the site is running. When
WebDAV is enabled, the web server must have write access to the les and folders in
the site users are updating.
Both features of WebDAV—providing a le server with browser access, and website
updating—have signicant security implications when other sites are running on the
server, because individuals responsible for one site might be able to change other
sites. To avoid this problem, carefully set access privileges for site les using the File
Sharing pane of Server Admin.
Mac OS X Server uses the group www, which contains Apache processes. You must
give the www group Read & Write access to les on the website. You also need to
assign these les Read & Write access by the website administrator (Owner) and No
Access to Everyone. For more information, see File Server Administration.
16 Chapter 1 Web Technologies Overview