Google

Tuesday, December 11, 2007

Authentication and Security Using WebDAV

Authentication

Basic authentication and Integrated Windows Authentication are enabled and anonymous access is disabled by default on new and existing HTTP virtual servers and directories for Microsoft® Exchange Server 2003. If Basic Authentication is used to communicate with the Exchange server, then the user's credentials are transmitted over the wire in clear text, making it possible for third parties to discover a user's credentials using network monitoring or packet sniffing tools. If NTLM or Kerberos authentication is used, the user's credentials are not transmitted in clear text.

When a WebDAV method request is made on a server using the Microsoft XML (MSXML) XMLHTTP object or the Microsoft .NET Framework System.Net.HttpWebRequest object, the server will return the authentication methods possible and the client will choose the more secure one that it supports. So, if both Basic and Integrated Windows Authentication are enabled on a virtual server or directory the client is connecting to, the client will choose NTLM authentication or Kerberos authentication (if it is enabled) over Basic Authentication. It is recommended that Integrated Windows Authentication not be disabled on virtual directories or servers, since Basic Authentication will then be used.

If NTLM or Kerberos authentication is being used in WebDAV method requests made on a Exchange store through a front-end server, the Keep-Alive header must be set to True or the request will not be passed on to the back-end server.

 

 

Monday, November 12, 2007

RENAME WebDav Method

RENAME Method

There is no Rename method in WebDav , To rename a Folder or File uses Move Method

 

WebDav - RFC2518

Wednesday, October 24, 2007

What is WebDAV?

 

WebDAV is an extension to the HTTP/1.1 protocol that allows clients to perform remote web content authoring operations. The WebDAV protocol is specified by RFC 2518.0

WebDAV provides support for the following authoring and versioning functions:

  • Version management
  • Locking for overwrite protection
  • Web page properties
  • Collections of Web resources
  • Name space management (copy/move pages on a Web server)
  • Access control

For more information on WebDAV, visit the WebDAV Resources web site: http://www.webdav.org/

 

Fun