Individual WebDAV DocumentRoots

I’ve been thinking off-and-on, mostly off, about how to configure individual home directories on a WebDAV server. What’s necessary for individual WebDAV DocumentRoots is nothing more than simply rewriting / if the user is authenticated.

There remain some usability issues. For example, how do we handle the move between DAV and non-DAV HTTP user agents? Suppose we would like to send a visitor off to setup an account if the user’s directory doesn’t exist. DAV user agents do not, in my experience, display the message-body of an HTTP error response. The simplest solution is to ignore the problem and require that the user set up their account elsewhere.

At this point I’m uncertain whether to return a 404 Not Found if the user’s directory does not exist, or a 501 Not Implemented. It’s more of a server-side error, though I suppose either status would apply.

Response status codes beginning with the digit “5” indicate cases in which the server is aware that it has erred or is incapable of performing the request. Except when responding to a HEAD request, the server SHOULD include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition. User agents SHOULD display any included entity to the user. These response codes are applicable to any request method.

In any case, here’s the mod_rewrite ruleset.

Engine On
RewriteLog logs/rewrite.log
RewriteLogLevel 9
RewriteMap lc int:tolower
# In this block we send the authenticated visitor to a place to sign-up
# user is not null
RewriteCond %{LA-U:REMOTE_USER} !=""
# their directory does not exist
RewriteCond %{DOCUMENT_ROOT}/${lc:%{LA-U:REMOTE_USER}} !-d
# do not forget to escape the URI being used for setup if it is in this namespace
RewriteCond %{REQUEST_URI} !^/setup*
RewriteRule ^/.* http://test.example.com/setup [R,L]
# Otherwise, we send the authenticated user to their directory
RewriteCond %{LA-U:REMOTE_USER} !=""
RewriteCond %{REQUEST_URI} !^/setup
RewriteRule ^/(.*) /${lc:%{LA-U:REMOTE_USER}}/$1

Oh, and don’t forget to turn on WebDAV.

<Location />
Dav On
# or, more explicitly, 
#Dav filesystem
# for mod_dav_fs
</Location>
DavLockDB logs/DavLock

Note that if you make an error in the lockfile path, operations will be read-only.