Siteminder + Apache + Webdav access

Replies to This Discussion

Permalink Reply by David Saraiva on January 24, 2012 at 10:08am

In the past, WebDAV was officially supported only on SPS (SecureProxyServer) but not regular WebAgents.  However, some people were able to get past this by adding the following methods/verbs to the "Web Agent" agent type:

GET, POST, PUT, HEAD, DELETE, CONNECT, OPTIONS, TRACE, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, and UNLOCK

You should then be able to define rules based on those WebDAV methods.

• ▶ Reply

Permalink Reply by Praveen mvk on January 24, 2012 at 1:12pm

Hi David,

 

Thanks for your response!

I tried adding the above actions for siteminder agent and defined rules for the webdav HTTP methods but it fails displaying a popup window "The folder that you entered does not appear to be valid. Please choose another one" when I try add the webdav resource in Xp netwrok places using "Add netwrok location".

I enter a http url in the non-browser client in a similar way that I enter in a browser, ir works in a web browser fine but not with non-browser client.

Here are the logs when accessed thru non-browser client:

 [23/Jan/2012:15:15:09 -0800] "OPTIONS /abc/xyz HTTP/1.1" 302 538 4821
x.x.x.x - - [23/Jan/2012:15:15:12 -0800] "OPTIONS / HTTP/1.1" 302 529 4835
x.x.x.x - - [23/Jan/2012:15:15:12 -0800] "OPTIONS /abc/xyz HTTP/1.1" 302 538 940
x.x.x.x - - [23/Jan/2012:15:15:12 -0800] "OPTIONS / HTTP/1.1" 302 529 692
x.x.x.x - - [23/Jan/2012:15:15:12 -0800] "OPTIONS /abc/xyz HTTP/1.1" 302 538 740

Here are the logs when accessed thru browser:
x.x.x.x - - [24/Jan/2012:09:36:42 -0800] "GET /abc/xyz HTTP/1.1" 302 534 6495
x.x.x.x - - [24/Jan/2012:09:37:37 -0800] "GET /abc/xyz HTTP/1.1" 302 63 65179
x.x.x.x - - [24/Jan/2012:09:37:37 -0800] "GET /abc/xyz/ HTTP/1.1" 200 589 9408

 

Thanks

• ▶ Reply

Permalink Reply by Praveen mvk on February 6, 2012 at 3:10pm

Hello David:

 

I was able get around with the access issues with webdav connection. I used HTTP basic auth scheme and then the connection was successful. However, I'm facing the following issues after authenticating with siteminder creds,

1) Any attempt to double click on a file or folder on the right pane of the Explorer does nothing.

2) As another test I started the Windows Paint program and tried to open one of the TIF files that is in the var/dam folder. The files don’t show up in the open dialog.  It feels like an access or permissions issue.

We have an Apache webserver in front of the tomcat appserver both are on the same physical server accessed thru different ports. When we access the app thru Apache(Siteminder ON) we are facing this issue as opposed to when you access the app directly with a different port(without siteminder authnetication, app auth comes into picture here)..

Any ideas on this?

 

Thanks, Benny

• ▶ Reply

Permalink Reply by ram on February 7, 2012 at 10:06am

  I am not sure how to fix this issue in Apache but I had a similar issue with Web DAV  on IIS7.5.

    When SiteMinder is ON the app was having issues browsing images.  But when SiteMinder is OFF it  worked fine.

 We had to make the following changes in WebDAV config on IIS.

  1) In IIS Manager "Connections" pane, expand "Sites" and select "Default Web Site".
2) Choose "WebDAV Authoring Rules".
3) Select "WebDAV Settings" in the Actions pane.
- Set "Allow anonymous property queries" to True (mainly this one, Below two were already set properly )
- Set "Allow custom properties" to True    
- Set "Allow property queries with infinite depth" to False

  Once this is done. we restarted IIS and it worked fine.  

Thanks, Ram

 

• ▶ Reply