+

Search Tips   |   Advanced Search

Use WebDAV file store


WebDAV overview and entry point URL


WebDAV is defined by RFC2518 as an HTTP extension framework with a plug point for the access and management of hierarchical data. For example, in content management systems. WebDAV stores the data in collections. We can work with the data in a user interface view that is similar to that of a file system. A folder represents a WebDAV collection. Various tools are available for integrating WebDAV resources into the client file system. Users can use these tools to view and modify resources they can access with WebDAV. For WebDAV specification information, see the RFC2518 document in the related links.

The HTTP Basic Authentication TAI must be enabled to use WebDAV in WebSphere Portal. This TAI is enabled by default. We can obtain the entry point URL to the WebDAV file store from the service document under...

    /wps/mycontenthandler/!ut/p/model/service-document

The service document contains the top-level access point as follows:

    <app:collection href="/webdav/!ut/p/dav/fs-type1/">
         <atom:title>fs-type1</atom:title>
         <app:categories fixed="yes">
              .....            
              <atom:category term="http://setgetweb.com/p/c5/admin/admin/webdav.html"/>
              <atom:category term="filestore"/>
              .....       
         </app:categories>
    </app:collection>

The entry point URL for themes is as follows:

    http://server:port/PORTAL_HOME/mycontenthandler/dav/fs-type1/

Examples of URLs for themes are as follows:

    http://www.my_company.com:10027/wps/mycontenthandler/dav/fs-type1/

  • For theme-related resources:

      http://my_company.com:10027/wps/mycontenthandler/dav/fs-type1/themes/

  • For skin-related resources:

      http://my_company.com:10027/wps/mycontenthandler/dav/fs-type1/skins/

To authenticate against a specific virtual portal, we can identify the target virtual portal either by its host name or its URL context. Examples:

  • To authenticate to the virtual portal identified by the host name vp.myco.com and then connect to the themes folder, use the following URL entry point:

      http://vp.myco.com:10027/wps/mycontenthandler/dav/fs-type1/themes/

  • To authenticate to the virtual portal identified by the URL context vp1 and then connect to the themes folder, use the following URL entry point:

      http://localhost:10027/wps/mycontenthandler/vp1/!ut/p/dav/fs-type1/themes/

For details about the WebDAV specification, see the RFC2518 document in the related links.


Folder structure and reserved folder names

The fs-type1 WebDAV entry points provide the following set of predefined root folders used by themes:

  • themes
  • skins
  • layout-templates
  • common-resources
  • iwidgets

The fs-type1 WebDAV entry points also provide the following set of predefined root folders. We can access them using the Remote Model function provided by the Enabler API:

  • public
  • users

The fs-type1 WebDAV entry points provide the following internal folder:

  • system

None of the folders listed here can be deleted, not even by an administrator.

The two sets of folders differ in the access control policy that guards access to the resources contained in those folders. See the following sections for details.


Theme folders

The following list shows the folder structure for the themes. Each folder represents a WebDAV collection. We administer write access to the theme folders with the virtual resource THEME MANAGEMENT provided by portal access control.

    /themes

    Use this folder to store resources associated to themes, such as theme templates. Typically, each subfolder represents one theme.

    /skins

    Use this folder to store global skins. Typically, each subfolder of this folder represents one global skin.

    /layout-templates

    Use this folder to store templates for layouts that can be used by individual themes. Typically, each subfolder represents one layout template.

    /common-resources

    Use this folder to share common resources between different themes, so they can be managed in a single place.

    /iwidgets

    Use this folder to place widgets into it.

WebDAV prevents the deletion of these folders. Even users with administrator rights cannot delete these folders and the data in them.


Manage access control for Page Builder theme folders

All users have view access to all resources in these folders. It includes both anonymous users and authenticated users. To give users write access to resources contained in these folders, assign the users MANAGER role on the virtual resource THEME MANAGEMENT in portal access control. Managers can create, modify, or delete such resources


Assign access control to users and managers for theme resources in WebDAV

To allow non-administrator users to update or modify existing files...

  1. Run...

      cd WP_PROFILE/ConfigEngine
      ConfigEngine.sh export-nodes -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin -Dquery="/filestore/fs-type1/themes" -Dwp.content.repository.output.dir="c:\temp\jcr"

  2. Edit the file that was exported in the c:\temp\jcr directory. Add the manager and user role by adding the following code.

      
      <icm:role icm:actions="actionset:Manager,actions:Traverse,View,Edit,Add_Child,Delete,Join,">       
          <icm:principal icm:name="uid=testuser,o=defaultwimfilebasedrealm" icm:type="USER" />            
      </icm:role>  
      

    Add it after the <icm:owner> element. See the following complete code snippet for reference.

    <icm:node>
        <icm:access>   
            <icm:wps>      
                <icm:owner>    
                <icm:principal icm:name="uid=wpsadmin,o=defaultwimfilebasedrealm" icm:type="USER" />            
            </icm:owner>  
            <icm:role icm:actions="actionset:Manager,actions:Traverse,View,Edit,Add_Child,Delete,Join,">       
                <icm:principal icm:name="uid=testuser,o=defaultwimfilebasedrealm" icm:type="USER" />            
            </icm:role>    
            </icm:wps>  
        </icm:access>              
    </icm:node>       

  3. Import the file with the following ConfigEngine task.

      ConfigEngine.sh import-nodes -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin -Dwp.content.repository.input.dir="c:\temp\jcr"


Other folders

The following list shows extra folders. Each of these folders represents a WebDAV collection. The access control policy for them is hardcoded as described for each folder.

    /public

    All authenticated users have read and write access to this folder.

    Anonymous users have read access only.

    /users

    All authenticated users have read access only to this folder.

    Anonymous users have read access only.

    /users/user_name

    Only the user user_name has access to these files. This folder is created for the individual user user_name when the user accesses the WebDAV file store for the first time.

    To have human readable folder names, the portal uses the user IDs of the individual users as the names for the users' folders user_name. Internally, the portal uses the VMM ID of the user, so data does not need to be moved when the user name is changed. To programmatically find the URL entry point to a folder for the current user, we can look into the services document. The access point for user-specific data is provided as follows:

    <app:collection href="/webdav/!ut/p/dav/fs-type1/users/<username>">
         <atom:title>fs-type1-user</atom:title>
         <app:categories fixed="yes">
              . . . . .
              <atom:category term="http://setgetweb.com/p/c5/admin/admin/webdav.html"/>
              <atom:category term="filestore"/>
              <atom:category term="user"/>
              . . . . .          </app:categories>
    </app:collection>

    /users/user_name/public

    The user user_name has read and write access to this folder. This folder contains content the user user_name shared with other users. Portal access control mapping: inherited.

    All authenticated users have read access to this folder.

    Anonymous users have read access to this folder.

    All other subfolders of /users/user_name can only the accessed by the user user_name.

    /system

    The system folder is reserved for system internal information. Administrators can view this folder in WebDAV. Other portal users cannot view this folder. Portal access control mapping: None.


File store cache control

The WebDAV file store supports serving timeout values for HTTP Cache Header entries.

Use regular expressions to specify the timeout value for elements in the file store folder structure that match the regular expression. We need to add the following two custom properties to the WP Config Service resource environment provider with the following key = value properties:

    filestore.cache.expiration.id.re=regular expression filestore.cache.expiration.id.seconds=value

The id value can consist of an arbitrary string. It is used only to establish the mapping between a regular expression and its associated timeout value. If there are multiple regular expressions that match any file store resource, the maximum of the associated timeout values are used. Examples:

  1. All items under the /themes folder have an expiration time of 1800 seconds:

      filestore.cache.expiration.0.re=themes/.* filestore.cache.expiration.0.seconds=1800

  2. All items of a certain resource type, such as jpg or gif have an expiration time of 6000 seconds:

      filestore.cache.expiration.1.re=.*\.jpg|.*\.gif filestore.cache.expiration.1.seconds=6000

    All css files in the themes folder have an expiration time of 8000 seconds:

      filestore.cache.expiration.2.re=themes/.*\.css filestore.cache.expiration.2.seconds=8000


Supported HTTP methods

WebDAV file store supports the following HTTP methods:

    PROPFIND

    This method allows portal users to find out details about the resource hierarchy, such as the WebDAV collection structure. Users can also find details about resources, such as their names, sizes, and dates of last modification.

    MKCOL

    This method allows users to create new folders, that are WebDAV collections.

    GET

    This method allows users to retrieve resources on which they have at least View role access rights.

    HEAD

    This method allows users to retrieve HTTP headers of resources on which they have at least View role access rights.

    POST

    This method allows users to upload new resources.

    DELETE

    This method allows users to delete resources or folders, that is WebDAV collections.

    PUT

    This method allows users to update resources, such as documents or images in a folder.

    COPY

    This method allows users to copy resources or folders, that is WebDAV collections.

    MOVE

    This method is used to move or rename resources or folders, that is WebDAV collections.


Parent Use WebDAV with WebSphere Portal

Related tasks:

Enable HTTP Basic Authentication for simple clients