The OrbitOS WebDAV Daemon provides a WebDAV interface for different virtual Filesystems. These Filesystem can either be real local Filesystems, Mounted Filesystems via fstab (including NFSv3) or other sources for which a orbit-webdavd filesystem driver exist (like MySQL, Redis, MongoDB, ...).
Different authenticator plugins allow for different authentication methods (PAM, Ldap, static Mapping, ...). Credential outcomes are cached for performance reasons.
Operators provide a way to act differently depending on user and context. These can be defined on a per virtual filesystem basis.
- Provided virtual filesystem drivers
- Virtual filesystem driver interface description
- Provided authenticator systems
- Authenticator interface description
- Provided operator systems
- Operator interface description
- Configuration examples
- Current WebDAV RFC compliance
Currently implemented virtual filesystem drivers:
The DirectoryFilesystem driver exposes a directory present on the local filesystem (or other filesystem which are mounted locally). Additional directories can be supplied which are allowed when resolving symlinks (DirectoryFilesystem driver forces resolved paths to be either in the basepath or in one of the supplied additional directories)
With Operators you can force the filesystem to act like a specific user or to act like the authenticated user (only makes sense with pam).
Like the DirectoryFilesystem but sets the basepath according to the homedirectory gained from the supplied Operator.
TODO
Currently implemented authenticator systems:
The DebugAuthenticator successfully authenticates the user if the username is equal to the supplied password. It is primarily used to validate other parts of the daemon during development. DO NOT USE IN PRODUCTION!
The StaticAuthenticator validates supplied username and password with a static username/password map. This is sufficient for smaller installations where users don't need their own account in the machines user management.
The PAMAuthenticator validates supplied username and password with the help of PAM. It is used to authenticate against local system accounts. Because you can use PAM with credentials stored in LDAP or Kerberos this Authenticator is also viable if you use these to store credentials.
TODO
TODO
TODO
TODO
WebDAV Feature | v0.1 | v0.2 |
---|---|---|
OPTIONS | ✔️ | ✔️ |
PROPFIND | ✔️ | ✔️ |
PROPFIND with Depth-Header | ✔️ | ✔️ |
PROPFIND with XML-Props | ||
PROPPATCH | *1 | *1 |
MKCOL | ✔️ | ✔️ |
MKCOL with Body | *2 | *2 |
GET | ✔️ | ✔️ |
HEAD | ✔️ | ✔️ |
DELETE | ✔️ | ✔️ |
PUT | ✔️ | ✔️ |
COPY | ✔️ | |
COPY with Overwrite: T | ||
MOVE | ✔️ | |
MOVE with Overwrite: T | ||
LOCK | ✔️ | ✔️ |
UNLOCK | ✔️ | ✔️ |
*1 Send a Dummy Response because dead properties are not supported yet
*2 RFC only defines that it can be used to create resources but no protocol specification