Ping a Specific Port

Question

Dmytro Leonenko

Asked: 2011-03-23 15:29:04 +0800 CST2011-03-23 15:29:04 +0800 CST 2011-03-23 15:29:04 +0800 CST

WebDAV and Windows 7 client

772

I've enabled apache dav module on my site and configured digest authentication for it. Now i'm trying to connect windows drive to it. Command follows:

net use z: http://dav.mysite.com/Files /user:username *

then it asks for password. After that drive appears to be connected except for one detail. In server logs I can see strange 401 errors:

xx.xx.xx.xx - - [22/Mar/2011:23:05:04 +0000] "PROPFIND /Files HTTP/1.0" 401 751
xx.xx.xx.xx - username [22/Mar/2011:23:05:04 +0000] "PROPFIND /Files HTTP/1.0" 301 495
xx.xx.xx.xx - - [22/Mar/2011:23:05:04 +0000] "PROPFIND /Files/ HTTP/1.0" 401 751
xx.xx.xx.xx - username [22/Mar/2011:23:05:04 +0000] "PROPFIND /Files/ HTTP/1.0" 207 1175
xx.xx.xx.xx - - [22/Mar/2011:23:05:07 +0000] "PROPFIND /Files HTTP/1.0" 401 751
xx.xx.xx.xx - username [22/Mar/2011:23:05:07 +0000] "PROPFIND /Files HTTP/1.0" 301 495
xx.xx.xx.xx - - [22/Mar/2011:23:05:07 +0000] "PROPFIND /Files/ HTTP/1.0" 401 751
xx.xx.xx.xx - username [22/Mar/2011:23:05:07 +0000] "PROPFIND /Files/ HTTP/1.0" 207 1175

As you can see for any proper digest authenticated request it sends one wrong request

My apache config:

<VirtualHost xx.xx.xx.xx:80>
        ServerAdmin [email protected]
        ServerName dav.dav.mysite.com
        DocumentRoot /var/www/dav.mysite.com/
        UseCanonicalName Off

        Alias /Files "/var/www/dav.mysite.com/"



        BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
        BrowserMatch "MS FrontPage" redirect-carefully
        BrowserMatch "^WebDrive" redirect-carefully
        BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
        BrowserMatch "^gnome-vfs/1.0" redirect-carefully
        BrowserMatch "^XML Spy" redirect-carefully
        BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On


        <Directory "/var/www/dav.mysite.com">
                Dav On
                Order allow,deny
                Allow from all
                AuthType Digest
                AuthName "DAV-upload"
                AuthDigestDomain /Files/
                AuthDigestProvider file
                AuthUserFile /var/www/webdav.passwd
                Require valid-user
        </Directory>

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel error
        ErrorLog /var/log/apache2/dav.dav.mysite.com-error.log
        CustomLog /var/log/apache2/dav.dav.mysite.com.log common
        ServerSignature Off
</VirtualHost>

And it works very-very slowly. Why do you think it sends requests without authentiocation? BTW other webdav clients work properly

P.S. nginx is sitting in front of apache and passing ALL the traffic to it

2 Answers

Voted

gdurham · Answer 1 · 2011-03-23T19:25:31+08:00

gdurham

2011-03-23T19:25:31+08:002011-03-23T19:25:31+08:00

Welcome to a huge pain. I had the same problem and figured it out in windows. First thing is go to internet explorer then tools internet options. Go to connections tab and look at I believe lan settings. Here look if "auto detect lan settings" is checked. If so uncheck it. This will fix the speed issues. If you still see problems come back and ill give you some more ideas.

4

Daniel Sokolowski · Answer 2 · 2013-02-08T09:50:15+08:00

I was able to find an answer that this is apparently by design: the authentication challenge is to be on every request. A work around that I implemented is to allow anonymous directory/file listing (PROPFIND requests) and authentication on everything else using Apache config shown below. The speed improvement is significant, for a python project with 21876 files a refresh takes half as long, 11 minutes vs 22 minutes with authentication.

## Development HTTP Site
<VirtualHost *:80>
        ServerAdmin [email protected]
        ServerName development.FOO.com
        ServerAlias www.development.FOO.com

        # Log file location and settings; logs within project is ok as long as 'links' are made to system 'var/log/apache'
        ErrorLog /var/log/apache2/development.FOO.com-error.log
        CustomLog /var/log/apache2/development.FOO.com-vhost_combined-access.log vhost_combined

        # Canonical to always strip www - see: https://stackoverflow.com/questions/88011/make-apache-automatically-strip-off-the-www
        RewriteCond %{HTTP_HOST} ^www\.(.+)$
        RewriteRule ^(.*)$ ${SERVER_PROTOCOL}://%1/$1 [R=301,L,NC]

        # Authenticated access for the development site version - because without this Google will find you!
        # Just in case we also prevent serving of the password logins file if it is stored in a serving folder.
        Redirect /apache-logins.htdigest http://development.FOO.com
        <Location />
                DAV On
                DirectoryIndex disabled
                Options +Indexes
                AuthType Digest
                AuthName "development.FOO.com"
                # AuthDigestDomain which urls (and any under it) this applies - should match location
                AuthDigestDomain /
                AuthDigestProvider file
                AuthUserFile /srv/www/django/development.FOO.com/apache-logins.htdigest
                # uncomment the LimitExcept to receive a small boost for non caching Windows WebDav client by allowing
                # anonymous directory listing; see http://serverfault.com/questions/250578/webdav-and-windows-7-client
                <LimitExcept PROPFIND>
                    Require valid-user
                </LimitExcept>
        </Location>

        WSGIProcessGroup development.FOO.com
        # You can further limit processes, threads and set a inactivity-timer so deamon get unloaded
        WSGIDaemonProcess development.FOO.com display-name=%{GROUP}
        WSGIScriptAlias / /srv/www/django/development.FOO.com/apache-django-development.wsgi

        # Serve static / media files through apache instance and alias/map them to specific urls. to maximize security
        # `Options -Indexes` is enabled to prevent directory listing
        Options -Indexes
        Alias /robots.txt /srv/www/django/development.FOO.com/src/django-project/static/robots.txt
    #Alias /sitemap.xml /srv/www/django/development.FOO.com/src/django-project/static/sitemap.xml
        Alias /favicon.ico /srv/www/django/development.FOO.com/src/django-project/static/favicon.ico
        Alias /media /srv/www/django/development.FOO.com/src/django-project/static/
        Alias /static /srv/www/django/development.FOO.com/src/django-project/static/

</VirtualHost>

Here is some more information: https://stackoverflow.com/questions/666553/how-to-avoid-windows-vista-to-do-double-webdav-requests

WebDAV and Windows 7 client

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?