Login/Register
How to make file READ ONLY when exposed through WebDAV
Asked Answered
Solved webdavjackrabbit
I

1

4

I'm using jackrabbit implementation of WebDAV. There is a user who doesn't have write permission to a folder. That user is able to open the file in desktop applications and able to edit. When the user does save, the server is rejecting the changes but the client is still having those changes, though after the re-mount, these changes will be gone. So, I'm looking for the answers to the following questions:

  1. Is there a way to make files/folders READ-ONLY when mounted through a WebDAV?
  2. Does WebDAV spec allows this? If so, how to do this (response format/values) on MAC and windows?

Thanks for your help.

With jackrabbit server, on a windows native WebDAV client, we could got it working with property name Z:Win32FileAttributes.

Here is the PROPFIND response captured in charles:

<D:response>
    <D:href>http://10.40.61.110:8080/repository/default/content/test.txt</D:href>
    <D:propstat>
        <D:prop>
            <Z:Win32FileAttributes xmlns:Z="urn:schemas-microsoft-com:">00000021</Z:Win32FileAttributes>
            <D:creationdate>2015-07-30T05:38:24Z</D:creationdate>
            <D:getetag>"11-1438238197046"</D:getetag>
            <D:lockdiscovery />
            <D:displayname>test.txt</D:displayname>
            <D:supportedlock>
                <D:lockentry>
                    <D:lockscope>
                        <D:exclusive />
                    </D:lockscope>
                    <D:locktype>
                        <D:write />
                    </D:locktype>
                </D:lockentry>
            </D:supportedlock>
            <D:getlastmodified>Thu, 30 Jul 2015 06:36:37 GMT</D:getlastmodified>
            <D:iscollection>0</D:iscollection>
            <D:getcontenttype>application/xml</D:getcontenttype>
            <D:getcontentlength>11</D:getcontentlength>
            <D:resourcetype />
        </D:prop>
        <D:status>HTTP/1.1 200 OK</D:status>
    </D:propstat>
</D:response>
<D:response>
    <D:href>http://10.40.61.110:8080/repository/default/content/Desert.jpg</D:href>
    <D:propstat>
        <D:prop>
            <D:creationdate>2015-07-30T09:49:31Z</D:creationdate>
            <D:getetag>"329032-1438249785205"</D:getetag>
            <D:getlastmodified>Thu, 30 Jul 2015 09:49:45 GMT</D:getlastmodified>
            <D:iscollection>0</D:iscollection>
            <Z:Win32LastModifiedTime xmlns:Z="urn:schemas-microsoft-com:">Thu, 30 Jul 2015 09:49:45 GMT</Z:Win32LastModifiedTime>
            <Z:Win32LastAccessTime xmlns:Z="urn:schemas-microsoft-com:">Thu, 30 Jul 2015 09:49:32 GMT</Z:Win32LastAccessTime>
            <D:getcontentlength>329032</D:getcontentlength>
            <D:resourcetype />
            <Z:Win32FileAttributes xmlns:Z="urn:schemas-microsoft-com:">00000020</Z:Win32FileAttributes>
            <D:lockdiscovery />
            <D:displayname>Desert.jpg</D:displayname>
            <D:supportedlock>
                <D:lockentry>
                    <D:lockscope>
                        <D:exclusive />
                    </D:lockscope>
                    <D:locktype>
                        <D:write />
                    </D:locktype>
                </D:lockentry>
            </D:supportedlock>
            <D:getcontenttype>image/jpeg</D:getcontenttype>
            <Z:Win32CreationTime xmlns:Z="urn:schemas-microsoft-com:">Thu, 30 Jul 2015 09:49:32 GMT</Z:Win32CreationTime>
        </D:prop>
        <D:status>HTTP/1.1 200 OK</D:status>
    </D:propstat>
</D:response>

The value: 00000020 for Z:Win32FileAttributes - Allows to read/write

The value: 00000021 for Z:Win32FileAttributes - Allows to READ-ONLY

Looking for any such properties for native MAC WebDAV client as well?

Investment answered 29/7, 2015 at 19:0 Comment(0)
M
3

WebDAV uses RFC3744 for access control. Generally when a user tries an operation that's not allowed, a WebDAV server implementing RFC3744 will respond with a 403 Forbidden http status code.

However, most WebDAV clients ignore this and pretend that the entire server is either read-write or read-only. It's possible for some clients to emit proprietary webdav properties to indicate read-only status. Windows/Office for instance have their own specialized property, but I don't know the name or value ottomh.

Mujik answered 29/7, 2015 at 20:23 Comment(2)
Thank you @Mujik for you reply. Is there a document which can support "However, most WebDAV clients ignore this and pretend that the entire server is either read-write or read-only." Does MAC native WebDAV client behaves this way?Investment
Yes the mac client also behaves this way. No document, just my experience. You can easily try it out yourself though.Mujik

© 2022 - 2024 — McMap. All rights reserved.