Serve Your iCal Calendars Using WebDAV
Pages: 1, 2
3. Set Up Directories.
First, you need to set up the realm of WebDAV documents. Based on what we put in the configuration file, this will be in a subdirectory of the document root called /dav. So go to your server's document root (it's usually /Library/WebServer/Documents) and create a new directory called dav. I chose that name because I'll remember later what it's for.
Set the permissions and ownership of this directory so that the Web server can write to it. Do this by changing the group owner to www, which the Web server belongs to:
sudo chgrp www /Library/WebServer/Documents/dav
sudo chmod 775 /Library/WebServer/Documents/dav
Next, you need to make a place for the WebDAV lock database file. For lack of a better place, I created /usr/share/httpd/conf. Again, set the permissions so the server can write files here:
sudo chgrp www /usr/share/httpd/conf
sudo chmod 775 /usr/share/httpd/conf
4. Security Measures
Apache needs to know if the iCal trying to update the calendar is legit. So we have to create a new user and password. Don't use an existing user's name and password. A malicious hacker sniffing your communications can grab that username and use it to sneak inside your system. The username we will create will be limited to WebDAV files only, which will be useless to a would-be intruder.
First, create a password file in /Library/WebServer with this command:
htpasswd -c /Library/WebServer/.basic_pw webdavYou'll be prompted for a password. Invent something secure and save it someplace safe. Make the password unique (don't use one that you use elsewhere) because of the basic authentication risk I mentioned earlier. This password, and the user webdav will be the two parameters you give to iCal to connect to your server.
5. Restart the Server.
You could reboot the machine, but it's more elegant just to give the
server a kick in the rear with the kill command. Don't worry, we
aren't going really kill it. The -HUP option tells it to restart
itself and read its configuration file again. Find the process ID
number (PID) like this:
ps -ax | grep httpd
There will be several httpd processes running, but you only have to
interrupt the first one, which is the master for all the rest. The
command is:
sudo kill -HUP 1234Where 1234 is the PID of the first httpd process.
6. Publish Your Calendar.
|
Related Reading 
Mac OS X for Unix Geeks |
You can close the terminal window now, and return to the cozy graphical interface of iCal. Select the calendar you want to publish and then hit the menu command Calendar -> publish... The window that pops up will give you two options: publish on .Mac or on a Web server. Being a maverick, you will click on the second, which expands the window with more options.
For the URL, put in the full path to the calendar file on the server. The name of the file may not be exactly what you typed in for the calendar. If there are spaces, for example, they will be replaced with the number 32, which is the space character's position in the ASCII character set. You can see ahead of time what the name will be by exporting the database to a file and reading the filename.
For username, put in "webdav". The password you created back in step 4 goes in the next field. And that's it!
You can create as many calendars as you want. I have two: http://www.ravelgrane.com/dav/Home.ics and http://www.ravelgrane.com/dav/Work.ics.
Test it out. You can subscribe to your own calendars, though you may
think you're seeing double. If you have problems, check the Web
server's error log in /var/log/httpd/error_log. When you're done,
you'll be able to tell your friends and associates how to subscribe to
your calendars and feel the respect wash over you.
Happy hacking!
Erik T. Ray is a software wrangler and XML guru for O'Reilly Media.
Return to the Mac DevCenter.
Let's talk about serving our own calendars ... right here.
You must be logged in to the O'Reilly Network to post a talkback.
You must be logged in to the O'Reilly Network to post a talkback.
Showing messages 1 through 62 of 62.
-
updated version...?
2006-01-30 00:43:25 liamstask [Reply | View]
Don't suppose anybody is still checking this topic out... It'd be great to get an updated version of the article that addresses the current state of affairs with each of these components as of OS X 10.4.
Looking forward to hearing back about this... -
updated version...?
2006-03-10 01:56:06 Damon_Allen_Davison [Reply | View]
I think you'll find there are other sources on the web that explain how to do this in 10.4. Essentially, everything is built in, you just have to uncomment the WebDAV modules in httpd.conf and set up your authentication.
I hope that helps.
http://www2.astcomm.net:2080/hints/WebDAV/
http://www.macosxhints.com/article.php?story=20020912065811863
-
Worked like a charm
2004-11-17 09:45:09 kevin.allen@mindspring.com [Reply | View]
I installed the XCode Tools using the installer in /applications/installers/developer tools/developer.mkpg to get started and then followed the instructions. My thing was wanting to do a local update between a G5 and a Powerbook. I published 4 iCal calendars to the personal web sharing site built in to OS 10.3.6 after I webDAV enabled it. Then I just subscribed on my powerbook using the lan address for the G5's personal web sharing. Very slick and completely free. I suspect the revamp of iSync in OS 10.4 may make all that I just did unnecessary, but it was a fun romp through some code anyway.
-
I can't even start HELP
2004-06-22 06:42:31 mozart11 [Reply | View]
/Users/lombard/Desktop/mod_dav-1.0.3-1.3.6 is where mod dav is
how do I then run?
./configure
make
sudo make install
I've tried all sorts of combos
./configure
make
sudo make install /Users/lombard/Desktop/mod_dav-1.0.3-1.3.6
didn't work. Thanks for any help -
I can't even start HELP
2004-06-24 20:21:16 bradpuett [Reply | View]
Assuming you have the Developer Tools installed, execute the following commands from your terminal:
- cd /Users/lombard/Desktop/mod_dav-1.0.3-1.3.6
./configure
make
sudo make install
(I'm assuming you have gzip-ed and tar-ed the original file.) - cd /Users/lombard/Desktop/mod_dav-1.0.3-1.3.6
-
ARGH! It just won't work
2004-01-04 19:35:27 anonymous2 [Reply | View]
I can't seem to get it to work for some reason.
As you can probably tell from the error_log extract below, i keep pulling up error 500s from my web server.
Here's my error log:
[Mon Jan 5 14:32:38 2004] [error] [client 127.0.0.1] The locks could not be queried for verification against a possible "If:" header. [500, #0]
[Mon Jan 5 14:32:38 2004] [error] [client 127.0.0.1] Could not open the lock database. [500, #400]
[Mon Jan 5 14:32:38 2004] [error] [client 127.0.0.1] (13)Permission denied: I/O error occurred. [500, #1]
Any help's appreciated
Thanks -
ARGH! It just won't work
2004-01-24 07:34:16 shoaiby [Reply | View]
Hi, I was having the same problem and several hours went by before I finally got it working.
The directory specified in the DAVLockDB directive must have owner and group set to "www" :
# excerpt from httpd.conf file
...
DAVLockDB /Library/WebServer/DAVLock/DAVLock
...
In Terminal, type:
sudo chown www:www /Library/WebServer/DAVLock
Also, and this was the REAL problem why I kept getting "Could not open the lock database", the directory must be writable by everyone:
So I did this to make it work in Terminal:
sudo chmod 777 /Library/WebServer/DAVLock
And then it worked!. Hope this helps.
-
./configure problem
2003-10-31 05:12:55 cpbjr [Reply | View]
Help! When I try to run the ./configure command, I get the error message "./configure: Command not found." I have the Dec 2002 developer tools installed as well as the XCode Tools. I recently upgraded to Panther. Anyone able to provide any advice on this? Many thanks in advance.
-
Subscribe without authentication
2003-10-11 18:47:41 anonymous2 [Reply | View]
When I set up webdav I was able to publish to my URL (have Apache running on the same Mac) .... and of course entered name and password that I created "htpasswd -c" ...
But when I go to subscribe to my calendar from my other mac, I have to enter that name and password.
So I wonder do u know how to subscribe without needing authentication. Obviously all the shared icals on the Apple site don't need authentition ... any ideas would be greatly appreciated.
Thanx
Roger McCarrick
-
make: Command not found
2003-09-14 06:55:17 anonymous2 [Reply | View]
I installed the Developer Tools and I got the ./configure to work. But now it tells me that it can't find the make command. I found that "make" is installed in /usr/bin/make. Any suggestions? Thank you.
-
Can't publish to user Sites folder
2003-06-21 15:57:45 anonymous2 [Reply | View]
You do not need WebDAV to post a calendar into a local user's Sites directory. It would easier to just Export the file to the appropriate user's Sites directory.
-
./configure issues
2003-06-16 08:31:48 anonymous2 [Reply | View]
I try to run the ./configure command but this is what happens:
[Indigo:~/Desktop/Downloads/mod_dav-1.0.3-1.3.6] ben% ./configure
checking for gcc... no
checking for cc... no
checking for cc... no
checking for cl... no
configure: error: no acceptable cc found in $PATH
What is all the gcc, cc, cl stuff about? Any ideas how to make it work? I read in the INSTALL file that comes with the module that you should use "./configure --with-apache=" and then the path of the apache build directory. Maybe that's it. Where is the apache buil directory in Jaguar?
Thanks
-
WebDav set up for design group workflow
2003-05-31 17:31:39 kingdex [Reply | View]
I presume (not to be confused with assume) that I could follow the set-up described around ical to set up a workgroup workflow for a group of desingers wanting to collaborate using products and systems that support WebDAV? Specifically a group of OSX people using WebDAV savvy software such as InDesign 2.0.2? My realm of expertise is not in server set up however I very much want to make use of what Adobe tauts as an effective workflow for a group of independant designers and thier clients. Any help here would be greatly appreciated.
-
Can't get past step one!
2003-05-31 09:21:25 anonymous2 [Reply | View]
Well instead of complaining I'll just get into it! in this step:
" find the directory containing the WebDAV files, and run these commands:
./configure
make
sudo make install"
I type is everything as stated and this is what happens:
[mastercylinder:~] andrewke% /desktop/mod_dav-1.0.3-1.3.6 ./configure make sudo make install
/desktop/mod_dav-1.0.3-1.3.6: Command not found.
What do I do now?
-
Can't get past step one!
2003-05-31 10:24:02 anonymous2 [Reply | View]
here is the latest, somebody please troubleshoot!
[mastercylinder:~] andrewke% /Users/andrewke/Desktop/mod_dav-1.0.3-1.3.6 ./configure
/Users/andrewke/Desktop/mod_dav-1.0.3-1.3.6: Permission denied.
[mastercylinder:~] andrewke% make
make: Command not found.
[mastercylinder:~] andrewke% sudo make install
Password:
sudo: make: command not found
[mastercylinder:~] andrewke% /Users/andrewke/Desktop/mod_dav-1.0.3-1.3.6 sudo make install
/Users/andrewke/Desktop/mod_dav-1.0.3-1.3.6: Permission denied.
[mastercylinder:~] andrewke% /Users/andrewke/Desktop/mod_dav-1.0.3-1.3.6 ./configure make sudo make install
/Users/andrewke/Desktop/mod_dav-1.0.3-1.3.6: Permission denied. -
Can't get past step one!
2003-09-14 23:20:47 anonymous2 [Reply | View]
You need to change to the mod_dav directory (cd ~/Desktop/mod_dav-1.0.3-1.3.6), not type the directory name on the command line, which tells the shell to execute that command (it's why you get a permission denied error... it can't execute a directory).
Besides which, you don't have the developer tools installed. Go to http://connect.apple.com/ and sign up as an ADC (Apple Developer Connection) Member. Once you're logged in, you can download the 301.2MB December 2002 developer kit.
Install that and you're halfway there.
-
iCal can't Publish
2003-05-21 15:26:41 midnightlightning [Reply | View]
I have finally got WebDAV working on my local desktop running Jaguar (I had the XLM errors caused by PHP being loaded after WebDAV), and now the WebServer starts up without errors with the WebDAV commands in the httpd.conf file, but iCal gives an error whenever I try to publish. The exact error is: "Calendar could not be published. There was an unknown network error (2001)." I am trying to publish a calendar from my iBook to my iMac (iMac is running the webserver), using an Airport network created by the iMac. I've used the iMac's Rendezvous name and it's IP number in the URL field in iCal with no success. Any guesses?
-
DAVLock 10.2.4
2003-03-26 09:01:16 anonymous2 [Reply | View]
here is the problem. i got the permissions to work but not webdav. so i checked to see if any files were written to the DAVLock folder and there was not. I followed all the permission directions. It was working before 10.2.4. Is there anything else that woudl cause DAVLock to not be wirtten to.
-
Can't Publish to Server
2003-03-19 17:22:20 hd7001 [Reply | View]
First I must say I am a total newbie. I've been a graphic artist for a dozen years and am now getting my feet wet with administering an Mac XServe, learning UNIX and contemplating suicide. I followed the instructions in the article and failed to get it to work.
The sticking points...
You wrote: "Next, you need to make a place for the WebDAV lock database file. For lack of a better place, I created /usr/share/httpd/conf. Again, set the permissions so the server can write files here:"
I wonder: What? I don't have a folder "usr". do I make one? This passage is written to sound so obvious, but it isn't. What exactly am I creating here and why?
After attempting to create my own path to the conf. file I got to the next step...
You wrote: "First, create a password file in /Library/WebServer with this command:
htpasswd -c /Library/WebServer/.basic_pw webdav
You'll be prompted for a password.
Well... I wasn't exactly "prompted" for a password. I was shown a list of password "options" none of which seemed to get me anywhere. After a few attempts I exited the terminal with the futile hope that I somehow entered a password. Upon attempting to Publish my Calendar, using the username: webdav and my pseudo-password I get a progress bar that spins and a message that says: "publishing the calendar" and it goes NOWHERE, just keeps spinning.
My questions: If I did not properly submit a password, is there a way to do it correctly at this point (I did back up my httpd.conf)
What (with the small amount of info provided) did I do wrong and how do I fix it?
Where is the best source for a non-programmer to start learning this stuff (Unix, WebDav, PHP etc?)
Or should I just kill myself now and get it over with? -
Can't Publish to Server
2003-05-21 15:26:01 midnightlightning [Reply | View]
I'm also 'just' a graphic designer, but perhaps I can help you a bit: First, you should have a /usr folder; all Unix machines do. If you're looking in the Finder, you won't see it since it's a shitten directory. Go to the Go menu and choose Go to Folder, and type in "/usr" minus the quotes and it should make it visible for you. Or, in Terminal, type in "cd /usr", again, minus the quotes. For my machine, I had the /usr/share/httpd/ path, and just had to make a new folder called conf within that. The Terminal command for this is "mkdir conf" while within the httpd folder.
I'm not sure why you're having trouble with the htpasswd command; perhaps check your spelling?
-
can't publish to localhost (127.0.0.1)
2003-02-25 15:53:42 elmlish [Reply | View]
I'm pretty much clueless, but I'd think that this would work after having followed the directions... I noticed other people were having the same issues. I'd appreciate any hints or suggestions. Thanks for the article though. i'd just like a little clarification on whether or not I'm smoking crack here.
-
Can't publish to user Sites folder
2003-02-17 08:37:14 anonymous2 [Reply | View]
I can follow the step in the article and it works fine. However, when I try to publish to the /User/me/Sites/dav folder, I get the error "This access had been forbidden by server." I have substituted this directory with the one used in the example "/Library/WebServer/Documents/dav" in all of the Terminal commands but no luck. Any thoughts? Anyone? Bueler?
-
Publishes but doesn't subscribe
2003-02-16 13:07:41 anonymous2 [Reply | View]
OK, I got all the way through the article with no problems (which is something for an old Terminalphobe) and got iCal to publish the calendar.
I thought I was home free, til I tried to subscribe to the calendar. I get "downloaded data is not valid" errors in the iCal subscribe.
Any ideas?
Thanks
-
_XML errors
2003-02-06 14:32:58 wowmomnyc [Reply | View]
I get the same errors as Expat error? below. I've observed the startup of Apache using 'top'. I can see two instances of httpd starting (one for each user on my machine I suppose). Then after a few seconds, they die. When they die, these errors are written to the /var/log/httpd/error_log file:
dyld: /usr/sbin/httpd Undefined symbols:
_XML_ErrorString
_XML_GetErrorCode
_XML_Parse
_XML_ParserCreate
_XML_ParserFree
_XML_SetCharacterDataHandler
_XML_SetElementHandler
_XML_SetUserData
I also noticed (in top) two other processes, "c++flt3" and "crashdump" spawning and then dying while the httpds die.
Also, am I supposed to uncomment the "LoadModule dav_module libexec/httpd/libdav.so" and "AddModule mod_dav.c" directives in the httpd.conf file?
If I leave these commented out, I immediately get a "Mis-spelled" error on the command DavLockDB.
Thanks,
-
iMac, iCal, I stuck.
2003-01-22 16:40:27 anonymous2 [Reply | View]
I'd like to be able to install WebDav on my desktop MAC that acts as an office server. I want
to be able to publish and subscribe iCal across my office network and not rely on .mac.
I have set up the desktop iMac to webshare (built in wesharing) and would like WebDav to be a part of it.
Is it possible? If so, can you help me do it? I've tried to use the unix commands suggested on your website, but I'm having difficulty
Can you help please?
-
Does not work
2002-11-11 02:01:20 anonymous2 [Reply | View]
When I tried your link or put my own calendar up, both show up like this:
BEGIN:VCALENDAR CALSCALE:GREGORIAN X-WR-TIMEZONE;VALUE=TEXT:Europe/Stockholm METHOD:PUBLISH PRODID:-//Apple Computer\, Inc//iCal 1.0//EN X-WR-CALNAME;VALUE=TEXT:Work VERSION:2.0 BEGIN:VEVENT SEQUENCE:1 DTSTAMP:20021028T092952Z SUMMARY: FSF\, Lars Bohlin DTEND;TZID=Europe/Stockholm:20021028T150000 UID:CC1962CA-F2FB-11D6-8773-000393CCDFBE DTSTART;TZID=Europe/Stockholm:20021028T140000 END:VEVENT BEGIN:VEVENT SUMMARY:Eniro Elisabeth Kraijn DTSTART;TZID=Europe/Stockholm:20021030T090000 DTSTAMP:20021024T134033Z UID:CC1968A6-F2FB-11D6-8773-000393CCDFBE DURATION:PT1H END:VEVENT BEGIN:VEVENT SUMMARY:NĆ°Ėtverksmƶte Previa DTSTART;TZID=Europe/Stockholm:20021029T153000 DTSTAMP:20021029T141430Z UID:CC196B16-F2FB-11D6-8773-000393CCDFBE DURATION:PT1H BEGIN:VALARM TRIGGER;VALUE=DURATION:-PT15M ACTION:DISPLAY DESCRIPTION:Event reminder END:VALARM BEGIN:VALARM TRIGGER;VALUE=DURATION:-PT15M ATTACH;VALUE=URI:Hero ACTION:AUDIO END:VALARM END:VEVENT BEGIN:VEVENT SEQUENCE:1 DTSTAMP:20021024T134415Z .... and so on. What is wrong???
-
What about "Address Book"
2002-11-04 13:18:58 anonymous2 [Reply | View]
Is this same process possible with the Address Book app also?
-
What about viewing w/o iCal?
2002-11-02 10:55:11 anonymous2 [Reply | View]
Is there a way to view the iCal page I just published without using iCal? I thought there would have been a way to view these in a browser.
Also, if this is possible, is it also possible to update the contents without iCal?
Basically, I am looking for a way to update an iCal calendar via a web site remotely from my machine.
-
What about FreeBSD Unix?
2002-10-29 12:34:08 anonymous2 [Reply | View]
I have an apache server running FreeBSD Unix, it is a virtual private server not a mac : ( I figured the instructions should be similar enough that I would be able to figure how to get iCal to like my webserver. For some reason, when I add any kind of authentication to mod_dav, iCal will no longer write .ics files to the server. This is what does work for me...
LoadModule dav_module /usr/local/etc/httpd/modules/mod_dav-1.0.3.so
DAVLockDB /var/db/DAVLock/
DavMinTimeout 600
Alias /calendar/ /usr/local/etc/httpd/htdocs/davhome/
<Location /calendar/>
DAV On
<LimitExcept GET HEAD OPTIONS>
</LimitExcept>
</Location>
if I add "require user" in the limit tag or add "authtype basic", iCal can't write to my server. If I add .htaccess to the folder, iCal won't work. (yes I do know how to set up the passwords)
Any ideas on FreeBSD Apache??? I obviously can't leave this DAV folder unprotected. I would prefer .htaccess so the folder contents are unavaliable without the password.
-
apache + webdav + WebObjects
2002-10-27 05:45:05 anonymous2 [Reply | View]
Lots of MacOSX geeks run WebObjects. This uses an adaptor which uses Apache API; if someone updates their Apache from eg 1.3.26 to a 2.x version, to support digest authentication etc as suggested, is this going to break WebObjects because of Apache API changes?
The source to the adaptor is included; but you'd need to know what to change...
-
apache + webdav + WebObjects
2006-04-30 08:13:50 sweavo [Reply | View]
It's possible to get digest auth working with 1.3.33, I don't know if it works with WebObjects though. Also, it puts out a warning about the module not using the extended API and possibly causing crashes, so caveat emptor, normal disclaimers apply, etc.
Download the apache 1.3 source,
$ cd apacheblah/src
$ ./configure --enable-module=auth_digest --enable-shared=auth_digest
... EDIT the file modules/experimental/mod_auth_digest.c and global search and replace "digest_auth_module" with "digest_module"
$ make -C modules
$ mv modules/experimental/mod_auth_digest.so /usr/libexec/httpd
$ apachectl configtest && apachectl graceful
-
There are a few things I don't get
2002-10-16 18:57:07 anonymous2 [Reply | View]
I just followed the instructions and except for a few typos it seems to be working. I would like to be able for everyone to be able to access some of my calendars with a web browser, though only in read only mode. Is this possible? Also, I'd like to be able to synchronize calendars between my iMac and my PowerBook (been using unix for ages and the only control-key problems I ever had were caused by Sun) but iSync seems to want a .mac account. Is there a way to do it without a .mac account?
-
Multiple "publishers" ?
2002-10-10 08:19:10 anonymous2 [Reply | View]
Ok, so now the next step... Is it possible to have multiple people writing to the same WebDAV calendar? This would at least be a good start towards 'groupware' ability.
-
Buffy Calendar
2002-09-30 10:25:01 salamon [Reply | View]
Ok, you mentioned being able to subscribe to this seasons schedule for Buffy the Vampire slayer, but didn't provide a link, and I haven't been able to find one. Any pointers?
-
re: Apple Laptop Keyboards Unsuitable for Unix Users
2002-09-30 08:47:16 anonymous2 [Reply | View]
Does this help?
http://developer.apple.com/technotes/tn2002/tn2056.html
-
Apple Laptop Keyboards Unsuitable for Unix Users
2002-09-28 21:58:15 anonymous2 [Reply | View]
Apple laptops are effectively unusable for unix users.
I am a long-time Unix user. That means I need to have the Ctrl key to the left of the A key. This is a genuine need, not merely a want; it is based upon ergonomics.
The Ctrl key is heavily used in unix, and it must be easily accessable. It cannot be off in the lower left corner of the keyboard where it is difficult to get at, and where it distorts the position of your left hand such that you can't easily type other keys while holding the Ctrl key down.
Apple desktop keyboards are now all USB. They are all OK. The CapsLock key can be re-mapped into a Ctrl key.
Unfortunately, even in this modern age, all Apple laptops have built-in ADB keyboards. The ADB keyboard is broken-by-design. It is, in
general, not possible to remap the CapsLock key into a Ctrl key.
There are some exceptions, but they are horrible kludges. They are
horrible kludges because the original design of the ADB keyboard was a horrible
kludge. The correct solution would be for Apple to re-design their laptop motherboards to use built-in USB keyboards. This hasn't happened yet. If you run Linux, use Debian's solution. For Mac OS X users, uControl works. There are no solutions (that I know of) for either NetBSD or OpenBSD. Please note once again that the "solutions" above are in fact kludges, because of the original bad design of the ADB keyboard.
Apple is (currently) ignoring Unix users! This is not merely speculation on my part. In an on-going email exchange I am having with an Apple employee (whom I won't name) in their marketing department, the Apple marketing person directly stated to me that Apple was catering to their historic Mac customers, and is purposely ignoring the Unix market. He also claimed that Apple would soon start paying more attention to the Unix market. I won't hold my breath. Apple has been ignoring Unix users for more than 12 years. I expect that trend to continue. (Also note that my Apple contact indicated that Macs would never ship with a 3-button mouse, even though Apple intended to port almost all X-window software and deliver it either on a CD/DVD or installed directly on each Mac's hard drive. How Unix friendly is a 1-button mouse with X programs that often require 3 buttons?)
Apple has now lost two opportunities to sell me hardware. I really wanted an Apple laptop for their superior battery life, and for the PowerPC with Altivec CPU. (The Altivec is vastly superior to the
x86 line for DSP.) Because I can't live with the broken-by-design built-in ADB keyboard in all Apple laptops, Sony and IBM sold me laptops instead. If Apple fixes this problem, they will sell me a PowerBook next year; if they don't, I'll still be running OpenBSD on
x86 hardware, and wishing I could use a Mac.
-
mod_dav with php
2002-09-25 15:46:15 jawbrey [Reply | View]
If you have php and mod_dav enabled in the httpd.conf file, you need to move the mod_dav module in the LoadModule and AddModule sections below the php module so it loads AFTER php. Hopefully this will fix some of the errors people are seeing after they enable mod_dav. After I did this, everything worked like a charm! -
mod_dav with php
2002-09-25 16:19:17 anonymous2 [Reply | View]
AAAAARGH. You Swine.
I have just recompiled expat, recompiled mod_dav, and generally &*%$$ed around for hours with no success.
NOW you tell me to move two lines in the httpd.conf file.
And it works!
where were you yesterday (moan, gripe)?
Seriously - thanks for that crucial bit of info. solved the problem.
Don
-
Expat error?
2002-09-24 12:20:14 anonymous2 [Reply | View]
After following the instructions apache won't start. Running apachectl configtest gives me this:
Processing config directory: /private/etc/httpd/users
Processing config file: /private/etc/httpd/users/xxxx.conf
Syntax OK
dyld: /usr/sbin/httpd Undefined symbols:
_XML_ErrorString
_XML_GetErrorCode
_XML_Parse
_XML_ParserCreate
_XML_ParserFree
_XML_SetCharacterDataHandler
_XML_SetElementHandler
_XML_SetUserData
/usr/sbin/apachectl: line 171: 4554 Trace/BPT trap $HTTPD -t
-
Expat error? XML errors
2003-02-06 14:33:51 wowmomnyc [Reply | View]
I get the same errors. I've observed the startup of Apache using 'top'. I can see two instances of httpd starting. Then after a few seconds, they die. When they die, these errors are written to the /var/log/httpd/error_log file:
dyld: /usr/sbin/httpd Undefined symbols:
_XML_ErrorString
_XML_GetErrorCode
_XML_Parse
_XML_ParserCreate
_XML_ParserFree
_XML_SetCharacterDataHandler
_XML_SetElementHandler
_XML_SetUserData
I also noticed (in top) two other processes, "c++flt3" and "crashdump" spawning and then dying while the httpds die.
Also, am I supposed to uncomment the "LoadModule dav_module libexec/httpd/libdav.so" and "AddModule mod_dav.c" directives in the httpd.conf file?
If I leave these commented out, I immediately get a "Mis-spelled" error on the command DavLockDB.
Thanks, -
XSL parsing question
2003-07-16 13:33:26 anonymous2 [Reply | View]
Hello,
I was wondering if anyone could help me with this problem. I have the following XML code:
<AMServers>
<client>
<name>AWS North East</name>
<AMServers>SMS5SB11</AMServers>
<AMstate>GREEN</AMstate>
<AMsite>http://common.img.convergys.com:8080/cgi-bin/actmgr/parseDaily.pl?box=sms5sb11&option=B</AMsite>
<RASServers>AWSSRAS1</RASServers>
<RASstate>GREEN</RASstate>
</client>
When i try to run the page, I get this error:
A semi colon character was expected. Error processing resource 'http://common.img.convergys.com:8080/actmgr/servers.xml'. Line 9, Position 95
<AMsite>http://common.img.convergys.com:8080/cgi-bin/actmgr/parseDaily.pl?box=sms5sb11&option=B</AMsite>
Why can't I pass multiple parameters???
Thanks
-
Digest vs. Basic Authentication
2002-09-24 07:52:00 eray [Reply | View]
Thanks for the feedback from everyone. As author of this article, I want to address the security concerns of using basic authentication. It's true that digest auth is better because it uses strong encryption to protect the username and password. However, the version of Apache that ships with Mac OS X 10.2 which I use for my server is too old to implement digest auth correctly. It uses the deprecated mod_digest module instead of the correct mod_auth_digest shipping with current versions of Apache. I'm not sure why Apple is sticking with the out of date version of Apache and modules, but perhaps they will remedy that situation in the near future (I hope so). My attempts to use iCal with the older module failed, so I was left with only the basic auth option.
If you're doing mission critical work, you definitely should use strong encryption. But basic auth has been used for many years and is only just beginning to be phased out. I think that for purposes of experimentation it's probably okay to use basic auth, but you're on your own. I've requested that the editors add a cautionary statement to the article to make sure people realise the risk.
Thanks for reading and sorry for any confusion.
-
Digest vs. Basic Authentication
2002-09-24 14:56:55 mrprofessor [Reply | View]
It's true that Apple ships their version of Apache 1.3.x with the obsolete mod_digest module (which doesn't work with their own iCal product). Curiously, Apache ships 1.3.x with the up-to-date mod_auth_digest.
You can get a precompiled version at:
http://mithras.homeunix.net/downloads/mod_auth_digest.so.tgz
Install it in some convenient location (like, say /usr/local/libexec) and replace the loading of mod_digest in your httpd.conf file with
LoadModule digest_auth_module /path/to/mod_auth_digest.so
and
AddModule mod_auth_digest.c
After that, you should be good to go with digest authentication.
-
Clarifications
2002-09-23 21:33:55 Derrick Story |
[Reply | View]
Thanks to those who have pointed out a couple problems going on here.
First the obvious: "htuser" as stated in the article should be "htpasswd" That was a typo that got through.
Next, as for the security issue, here's what the author wrote to me in response to my inquiry:
"Concerning the bit about the httpd.conf stuff -- the reader is right that I could have done better using
digest authentication. However, I'm not able to get it to work and I don't want to submit an article with instructions that aren't going to work for other people either. I'll play with it some more and see if I can get it to work tonight."
In the meantime, thanks again to those contributing to make this piece useful. It's a good idea and worth learning how to do for all interested. We should have this piece cleaned up soon. Your continued suggestions are welcomed.
-
Jaguar setup changed?
2002-09-23 19:30:06 anonymous2 [Reply | View]
In the first step, you download and install mod_dav.
At least as far as 10.1.5 is concerned, mod_dav is
already included. You merely need to uncomment
the appropriate LoadModule and AddModule lines.
Is it no longer found in Jaguar?
Also, rather than doing a 'ps' and 'kill'-ing a PID, the
easiest way to restart apache is to use:
sudo apachectl restart
or
sudo apachectl graceful
-
this doesn't work as posted...
2002-09-23 18:14:47 anonymous2 [Reply | View]
...but the Linux instructions on webdav.org will.
-
Pathetic Security
2002-09-23 10:10:09 eray [Reply | View]
Points well taken. I'll revise the article to improve the security. Thanks.
-
pathetic security
2002-09-23 06:53:02 mrprofessor [Reply | View]
1)Using "Basic Authentication" is a BAD idea. It send your password as cleartext over the internet (where anyone can steal it).
"Digest Authentication" is just as easy (or difficult) to set up, and is more secure.
Since digest authentication (the version used by the mod_auth_digest apache module)is supported by iCal and by major current browsers like Mozilla and IE, there's no reason NOT to use it.
2)Also, I would use a limit statement like
<LimitExcept GET HEAD OPTIONS>
require user joe
</LimitExcept>
listing what http commands an unauthenticated user CAN use, rather than trying to list all the commands he CAN'T use.
When you set up a webDAV server, you are granting remote users on the internet write-access to your web-server.
This ought to scare you enough that you implement some decent security.
-
htuser?
2002-09-21 19:18:48 anonymous2 [Reply | View]
I have the default install of Jaguar and I have no htuser command...maybe it's not in my path...I'll have to check. -
htuser? Let me check into a fix
2002-09-22 23:25:09 Derrick Story |
[Reply | View]
As I look back over this, I think we need to make a fix on our side. Hopefully we post it on Monday morn.
--Derrick
I also created a folder (with proper permissions again) to use with WebDAV for iCal calendar sharing. This way my http.conf file ends like this:
# Define iCal access
DAVLockDB /opt/local/apache2/davlocks/DavLock
<Location /webdav/>
DAV on
AuthType Digest
AuthName "iCal"
AuthUserFile "/opt/local/apache2/davlocks/user.passwd"
<LimitExcept GET OPTIONS>
require user cef
</LimitExcept>
</Location>
When I try to connect using Finder->connect to server I get the following error: You cannot connect to this server because it cannot be found on the network.
It does pass the authetication (wrong password error does pop-up when I try a wrong one) - Is it something I have to define in the virtual hosts section?
I would appreciate your help on this as Darwinports is moving to macports and they took all their help pages offline this week...