Use WebDAV file store
WebDAV overview and entry point URL
WebDAV is defined by RFC2518 as an HTTP extension framework with a plug point for the access and management of hierarchical data. For example, in content management systems. WebDAV stores the data in collections. We can work with the data in a user interface view that is similar to that of a file system. A folder represents a WebDAV collection. Various tools are available for integrating WebDAV resources into the client file system. Users can use these tools to view and modify resources they can access with WebDAV. For WebDAV specification information, see the RFC2518 document in the related links.The HTTP Basic Authentication TAI must be enabled to use WebDAV in WebSphere Portal. This TAI is enabled by default. We can obtain the entry point URL to the WebDAV file store from the service document under...
/wps/mycontenthandler/!ut/p/model/service-document
The service document contains the top-level access point as follows:
<app:collection href="/webdav/!ut/p/dav/fs-type1/"> <atom:title>fs-type1</atom:title> <app:categories fixed="yes"> ..... <atom:category term="http://setgetweb.com/p/c5/admin/admin/webdav.html"/> <atom:category term="filestore"/> ..... </app:categories> </app:collection>The entry point URL for themes is as follows:
http://server:port/PORTAL_HOME/mycontenthandler/dav/fs-type1/
Examples of URLs for themes are as follows:
http://www.my_company.com:10027/wps/mycontenthandler/dav/fs-type1/
- For theme-related resources:
http://my_company.com:10027/wps/mycontenthandler/dav/fs-type1/themes/
- For skin-related resources:
http://my_company.com:10027/wps/mycontenthandler/dav/fs-type1/skins/
To authenticate against a specific virtual portal, we can identify the target virtual portal either by its host name or its URL context. Examples:
- To authenticate to the virtual portal identified by the host name vp.myco.com and then connect to the themes folder, use the following URL entry point:
http://vp.myco.com:10027/wps/mycontenthandler/dav/fs-type1/themes/
- To authenticate to the virtual portal identified by the URL context vp1 and then connect to the themes folder, use the following URL entry point:
http://localhost:10027/wps/mycontenthandler/vp1/!ut/p/dav/fs-type1/themes/
For details about the WebDAV specification, see the RFC2518 document in the related links.
Folder structure and reserved folder names
The fs-type1 WebDAV entry points provide the following set of predefined root folders used by themes:
- themes
- skins
- layout-templates
- common-resources
- iwidgets
The fs-type1 WebDAV entry points also provide the following set of predefined root folders. We can access them using the Remote Model function provided by the Enabler API:
- public
- users
The fs-type1 WebDAV entry points provide the following internal folder:
- system
None of the folders listed here can be deleted, not even by an administrator.
The two sets of folders differ in the access control policy that guards access to the resources contained in those folders. See the following sections for details.
Theme folders
The following list shows the folder structure for the themes. Each folder represents a WebDAV collection. We administer write access to the theme folders with the virtual resource THEME MANAGEMENT provided by portal access control.
- /themes
- Use this folder to store resources associated to themes, such as theme templates. Typically, each subfolder represents one theme.
- /skins
- Use this folder to store global skins. Typically, each subfolder of this folder represents one global skin.
- /layout-templates
- Use this folder to store templates for layouts that can be used by individual themes. Typically, each subfolder represents one layout template.
- /common-resources
- Use this folder to share common resources between different themes, so they can be managed in a single place.
- /iwidgets
- Use this folder to place widgets into it.
WebDAV prevents the deletion of these folders. Even users with administrator rights cannot delete these folders and the data in them.
Manage access control for Page Builder theme folders
All users have view access to all resources in these folders. It includes both anonymous users and authenticated users. To give users write access to resources contained in these folders, assign the users MANAGER role on the virtual resource THEME MANAGEMENT in portal access control. Managers can create, modify, or delete such resources
Assign access control to users and managers for theme resources in WebDAV
To allow non-administrator users to update or modify existing files...
- Run...
cd WP_PROFILE/ConfigEngine
ConfigEngine.sh export-nodes -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin -Dquery="/filestore/fs-type1/themes" -Dwp.content.repository.output.dir="c:\temp\jcr"
- Edit the file that was exported in the c:\temp\jcr directory. Add the manager and user role by adding the following code.
<icm:role icm:actions="actionset:Manager,actions:Traverse,View,Edit,Add_Child,Delete,Join,"> <icm:principal icm:name="uid=testuser,o=defaultwimfilebasedrealm" icm:type="USER" /> </icm:role>
Add it after the <icm:owner> element. See the following complete code snippet for reference.
<icm:node> <icm:access> <icm:wps> <icm:owner> <icm:principal icm:name="uid=wpsadmin,o=defaultwimfilebasedrealm" icm:type="USER" /> </icm:owner> <icm:role icm:actions="actionset:Manager,actions:Traverse,View,Edit,Add_Child,Delete,Join,"> <icm:principal icm:name="uid=testuser,o=defaultwimfilebasedrealm" icm:type="USER" /> </icm:role> </icm:wps> </icm:access> </icm:node>
- Import the file with the following ConfigEngine task.
ConfigEngine.sh import-nodes -DWasPassword=wpsadmin -DPortalAdminPwd=wpsadmin -Dwp.content.repository.input.dir="c:\temp\jcr"
Other folders
The following list shows extra folders. Each of these folders represents a WebDAV collection. The access control policy for them is hardcoded as described for each folder.
- /public
- All authenticated users have read and write access to this folder.
- Anonymous users have read access only.
- /users
- All authenticated users have read access only to this folder.
- Anonymous users have read access only.
- /users/user_name
- Only the user user_name has access to these files. This folder is created for the individual user user_name when the user accesses the WebDAV file store for the first time.
To have human readable folder names, the portal uses the user IDs of the individual users as the names for the users' folders user_name. Internally, the portal uses the VMM ID of the user, so data does not need to be moved when the user name is changed. To programmatically find the URL entry point to a folder for the current user, we can look into the services document. The access point for user-specific data is provided as follows:
<app:collection href="/webdav/!ut/p/dav/fs-type1/users/<username>"> <atom:title>fs-type1-user</atom:title> <app:categories fixed="yes"> . . . . . <atom:category term="http://setgetweb.com/p/c5/admin/admin/webdav.html"/> <atom:category term="filestore"/> <atom:category term="user"/> . . . . . </app:categories> </app:collection>
- /users/user_name/public
The user user_name has read and write access to this folder. This folder contains content the user user_name shared with other users. Portal access control mapping: inherited.
All authenticated users have read access to this folder.
Anonymous users have read access to this folder.
All other subfolders of /users/user_name can only the accessed by the user user_name.
- /system
- The system folder is reserved for system internal information. Administrators can view this folder in WebDAV. Other portal users cannot view this folder. Portal access control mapping: None.
File store cache control
The WebDAV file store supports serving timeout values for HTTP Cache Header entries.
Use regular expressions to specify the timeout value for elements in the file store folder structure that match the regular expression. We need to add the following two custom properties to the WP Config Service resource environment provider with the following key = value properties:
filestore.cache.expiration.id.re=regular expression filestore.cache.expiration.id.seconds=value
The id value can consist of an arbitrary string. It is used only to establish the mapping between a regular expression and its associated timeout value. If there are multiple regular expressions that match any file store resource, the maximum of the associated timeout values are used. Examples:
- All items under the /themes folder have an expiration time of 1800 seconds:
filestore.cache.expiration.0.re=themes/.* filestore.cache.expiration.0.seconds=1800
- All items of a certain resource type, such as jpg or gif have an expiration time of 6000 seconds:
filestore.cache.expiration.1.re=.*\.jpg|.*\.gif filestore.cache.expiration.1.seconds=6000
All css files in the themes folder have an expiration time of 8000 seconds:
filestore.cache.expiration.2.re=themes/.*\.css filestore.cache.expiration.2.seconds=8000
Supported HTTP methods
WebDAV file store supports the following HTTP methods:
- PROPFIND
- This method allows portal users to find out details about the resource hierarchy, such as the WebDAV collection structure. Users can also find details about resources, such as their names, sizes, and dates of last modification.
- MKCOL
- This method allows users to create new folders, that are WebDAV collections.
- GET
- This method allows users to retrieve resources on which they have at least View role access rights.
- HEAD
- This method allows users to retrieve HTTP headers of resources on which they have at least View role access rights.
- POST
- This method allows users to upload new resources.
- DELETE
- This method allows users to delete resources or folders, that is WebDAV collections.
- PUT
- This method allows users to update resources, such as documents or images in a folder.
- COPY
- This method allows users to copy resources or folders, that is WebDAV collections.
- MOVE
- This method is used to move or rename resources or folders, that is WebDAV collections.
Parent Use WebDAV with WebSphere PortalRelated tasks:
Enable HTTP Basic Authentication for simple clients