|
Damjan Georgievski
gdamjan at gmail.com
Mon Oct 8 11:06:22 EDT 2007
I'm trying to build a simple handler that will multi-user WebDav storage. Of course I intend to use the DAV support in Apache, and just want to write a simple wrapper that will allow or deny access acording to some criteria. It seemed to me that I'd that easyest with python and mod_python. A bit of context. WebDav uses several HTTP methods, but we can generally separate them in two classes: GET&HEAD are public, every other can be considered restricted. My idea is that a user has full rw access to his own part of DAV storage (for ex. '$DAVROOT/username'), everything stored there is publically readable unless stored in the special folder '$DAVROOT/username/private'. Now, the question is what handler to use. I tried the accesshandler, but it seems I can't return HTTP_UNAUTHORIZED from it (it gets converted to FOBIDDEN somewhere). I tried authenhandler, but it needs peculiar setup in apache's configuration, and it requires authorization no matter what. I also tried PythonHandler (and SetHandler mod_pytohn) but the problem is that it doesn't handle requests for methods other than the standard GET, POST, etc. (it misses PROPFIND for ex.). I tried inithandler too, it seemed like it doesn't execute. So the question is, which handler I can use so that I can allow public access in some cases, FORBID access in other casses, and ask for authorization in third cases?
|