Sun Java System Web Server 6.1 SP9 Administrator's Guide

Configuring WebDAV

You might want to configure WebDAV for several reasons. For example, to tune server performance, to eliminate security risks, or to provide for conflict-free remote authoring.

To suit your configuration requirements, you can change the minimum amount of time the server holds a lock on a WebDAV resource, the depth of the PROPFIND request on a collection, and the maximum size of the XML content allowed in the body of a request.

Default WebDAV attributes can be configured at the virtual server level for all collections under a virtual server. The values configured here correspond to the DAV element in the server.xml file.

WebDAV attributes can also be configured at a collection level and override any virtual-server -level attributes configured for the collection. The attribute values configured at the collection level correspond to the DAVCOLLECTION element in the server.xml file.

Configuring WebDAV at the Virtual Server Level

To configure WebDAV functionality for the virtual server, you need to edit the attributes of the DAV object. You can do this either by using the Administration Server or by manually editing the server.xml file.

The following table describes the attributes of the DAV object you can configure:

Table 19–1 Attributes of the DAV object

Attribute  

Description  

enabled

Specifies if WebDAV functionality is enabled for this virtual server. 

This is an optional attribute. The default value is true.

Possible values are true and false.

lockdb

Specifies the directory where the locking database will be maintained. 

This is an optional attribute. 

minlocktimeout

Specifies the minimum lifetime of a lock in seconds. This value indicates the amount of time that an element will be locked before the lock is automatically removed. For more information, see Minimum Lock Timeout.

This is an optional attribute. 

maxxmlrequestbodysize

Specifies the maximum size of the XML content in the body of the request. 

This is an optional attribute. The default value is 8K. 

Restrict the size to prevent the possibility of Denial of service (DOS) attacks. 

maxpropdepth

Specifies the depth of the PROPFIND request. 

This is an optional parameter. The default value is 0.

Prevent excessive memory consumption by restricting the size of this parameter. 

Configuring WebDAV at the URI Level

To configure WebDAV functionality at the URI level, you need to edit the attributes of the DAVCOLLECTION object in the server.xml file.

The following table describes the attributes of the DAVCOLLECTION object that you can configure:

Table 19–2 Attributes of the DAVCOLLECTION object

Attribute  

Description  

enabled

Specifies if DAV functionality is enabled for this collection. 

This is an optional attribute. 

Possible values are true and false. The default value is true.

uri

Specifies the URI by which the content is accessed. 

This is a required attribute. 

sourceuri

Specifies the URI by which the source is accessed. For more information, see Common WebDAV Terminology and Using Source URI and Translate:f Header on a WebDAV-Enabled Server.

This is an optional attribute. 

If the sourceuri is not specified, the default behavior is to deny access to the source of any dynamic content in the collection.

You can specify the same URI for both uri and sourceuri, in which case the server will always returns the source of dynamic content. This may be useful if you use a separate, secured virtual server for publishing.

lockdb

Specifies the directory where the locking database will be maintained. 

This is an optional attribute. 

minlocktimeout

Specifies the minimum lifetime of a lock in seconds. This value indicates the amount of time that an element will be locked before the lock is automatically removed. For more information, see Minimum Lock Timeout.

This is an optional attribute. 

maxxmlrequestbodysize

Specifies the maximum size of the XML content in the body of the request. 

This is an optional attribute. 

Restrict the size to prevent the possibility of Denial of Service (DOS) attacks. 

maxpropdepth

Specifies the depth of the PROPFIND request, which lists the member resources of a collection. 

This is an optional parameter. 

Prevent excessive memory consumption by restricting the size of this parameter.