[Zope] Re: ssh tunnelling webdave

Sam Stainsby sam at stainsby.id.au
Mon Nov 14 21:00:43 EST 2005


On Mon, 14 Nov 2005 17:30:36 -0700, David Bear wrote:

> I am having trouble getting webdav to work through ssh tunnels. I hope
> someone may be able to offer a suggestion.
> 
> running zope 2.7.4
> on FreeBSD 4.9
> python 2.4.
> 
> my zope.cnf file has the following under webdav-source
> <webdav-source-server>
> # valid keys are "address" and "force-connection-close"
> address 8088
> force-connection-close off
> </webdav-source-server>
> 
> the server address is set as follows:
> 
> ip-address 127.0.0.1 <http://127.0.0.1>
> 
> To clarify things, I front this with apache and connect to it using fastcgi
> connecting to localhost:8089.
> This works fine and has been for 2 years. I only want to add webdav
> capability. Since I haven't seen any documentation
> passing webdav through apache, I thought I would have to resort to stunnel
> or tunneling through ssh. So, on my ssh client, I do the follwoing
> 
> ssh -L 8088:localhost:8088 zopeserver.asu.edu <http://zopeserver.asu.edu>

I have, as of this morning, just got Zope webdav working through Apache,
with Apache only allowing HTTPS access (I assume this is what you are
trying to achieve, for security reasons?). No need for SSH tunnels at all.
Just some URL rewriting:

RewriteRule ^/dav/(.*)
http://localhost:9675/VirtualHostBase/https/example.com:9670/VirtualHostRoot/_vh_dav/$1
[P]

(host name changed to protect the innocent). I have Zope serving only to
127.0.0.1, serving webdav on a separate port (9675) to HTTP. I have other
rewrite rules to cater for ordinary HTTP (non-webdav) access. Apache is
serving up HTTPS on port 9670. With my config up above, you prepend '/dav'
to the path to access things via webdav e.g.
https://example.com:9670/dav/myfolder/ for "webdavs" access to
"myfolder" instead of https://example.com:9670/myfolder/ for https access.

I also have applied a patch to Zope to make it work with Microsoft's
latest (failed) attempt to get webdav right. I used the info here:
http://teyc.editthispage.com/2005/06/02 .. note: add the line to the
OPTIONS method in the file that they mention. I can add a new webdav
"network place" under XP and drag/drop/delete of files works. Of course,
the usual Linux clients work without any patching.








More information about the Zope mailing list