[OpenAFS] afs as backend for webdrive-ish system?

Derrick J Brashear shadow@dementia.org
Fri, 26 Sep 2003 15:39:34 -0400 (EDT)

On Fri, 26 Sep 2003, Noel Burton-Krahn wrote:

> I use OpenAFS as a back end for apache's mod_dav.  Is that what you had in
> mind?  DAV is a nice alternative to installing the whole OpenAFS client.

It's not my idea, so it's not clear what the real goal is.

> DAV has the same functionality as FTP, but it can be secured over HTTPS.
> The only problem with WebDAV is that it can't tell the difference between
> running a script and fetching the script contents.  If you open myscript.cgi
> under mod_dav, it will execute the CGI rather that returning the CGI
> contents.

That's sort of unfortunate.

> I also added a module to Apache to cache AFS tokens for browser sessions.
> When a user hits an AFS directory for which they have no permissions, they
> get a login screen.  After they log in to the browser, it reuses the user's

I suspect the people who want this would ultimately want pubkooky... I
mean, WebISO, with the 2nd level authentication stuff. I'm only concerned
with proof of concept, and have no desire to touch WebISO.

> AFS tokens for future requests.  This Apache AFS authenitcation module works
> for fetching files, images, and scripts.  It's nice to use the file system
> for permission rather than .htaccess files.

Are your modifications available somewhere? I guess the flipside is that
for users to be happy with it they'll need a web way to manipulate both
permissions and groups.