Anonymous read-only access to WebDAV directories


#1

I’m using the Goodies/htaccess/webdav utility for setting up a git repository on a domain, and it works great for me, using a username/password.

However, I’d also like to have this same git repository be anonymously available for read-only access, but this doesn’t seem possible – it seems to require authentication for simple GET requests, too.

My solution now is to just use a cron job to clone the git directory to another one outside of the webdav path, but it would be more convenient not to have to do that.

Or, an explanation about why letting read-only access would be a horrible, awful, insecure idea would be OK, too.


#2

Good workaround. I detailed the general need & problem here
http://wiki.dreamhost.com/WebDAV#access_levels_which_are_custom_and.2For_settings_which_are_managed_automatically – post updates to there.


#3

I searched Google for some time on how to do this before finally contacting Dreamhost support. I should have done that sooner as the solution is quite simple, although not intuitive from the wording in the Web Panel.

I'm sorry for the delay replying. What you describe is possible via the WebDAV area of the panel. It's a bit too subtle, it seems. What you do is, on the page you configure the WebDAV settings for a directory, make sure "Password Protect" is UNCHECKED, but also make sure Enable WebDAV is checked AND you also replace the default username and passwords with your own. What this does is sets up the directory to be publicly accessible via plain http:// connections, but it also requires a login and password to add/remove files (exactly what you want!) The key is that the client has to connect using just a plain request, and the WebDAV client requires authentication. You can see what I mean by testing the plain URL in a browser (no prompt), then try to load the same URL in the Finder (or Pathfinder). You can't proceed there without authentication since the Finder is sending WebDAV requests. I hope this helps. If you have further questions, please don't hesitate to let me know.

I hope this helps someone else.