[Deploying Sakai] Webdav
Seth Theriault
slt at columbia.edu
Wed Sep 30 06:48:22 PDT 2009
Sloane, James wrote:
> Just wondering about how other people run WebDAV, if they're
> happy with basic authentication or use SSL for encryption? We
> run Sakai 2.4 behind apache and are working out the options or
> if its possible to run SSL for webdav separate from sakai.
The authentication method and SSL encruyption are, as you might
already know, 2 different things.
Sakai's DAV module uses HTTP Basic-Auth for authentication
transport mechanism between the DAV client and the Sakai server.
It's backed by internal authentication against the Sakai database
or whatever method you have a UserDirectorProvider for (LDAP,
Kerberos, etc.). Any container-based login schema you are using
for the Web interface probably isn't going to work with DAV,
hence the UDP requirement. For example, here at Columbia, we use
the Kerberos UDP for DAV logins and a CAS-like WebISO for the
rest.
You want to have SSL encryption so that a user's login and
password are NOT transmitted in the clear. Many institutions,
including Columbia, are using Apache to handle SSL (and other)
duties for Sakai.
Seth
More information about the production
mailing list