Is that Kerberized? My main problem has been with authenticating
against open directory. I can set up WebDAV against a local user on
the OSXS, but get failures when I try to set up an Open Directory
group in the realm and authenticate as a member of that group.
That's not a Kerberos auth realm, but it is authenticating against
Open Directory on a user basis, I have to admit I've never had to do
it on a group basis, if that didn't work you could always keep it at
require user, but add all the usernames. I've done that for a couple
of special cases
I have scripts which generate the appropriate Apache realm configs,
but here is what one looks like inside an SSL website.
<Directory "/path/to/calendar/location/">
<IfModule mod_dav.c>
DAV On
</IfModule>
AuthName "username"
<Limit PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require user username
</Limit>
AuthType Digest
</Directory>
I basically have a script which loops through all the users who
should have a calendar realm they can publish to, backs up the
existing apache site config file, adds the relevant Directory block
and Realm, restarts apache, checks the exit status, and rolls back to
the old config file if apache doesn't start up, emailing me to let me
know. That's never happened except when I've deliberately provoked
the error though.
--
Nigel Kersten Senior Technical Officer
College of Fine Arts, UNSW Sydney, Australia.
CRICOS Provider Code: 00098G
