Apache - Korean UserGroup WebDAV : Collaboration based on Apache 김규하 (nusys@nusys.co.kr) CSA,SCNA,CCNA,CISSP Korea technical office - CollabNet,Inc Computer Eng dept. - Hansung University Apache Korean
Session Summary 협업 WebDAV 이전의아파치웹서버 WebDAV 란? WebDAV Benefits WebDAV Basics mod_dav 소개 WebDAV 활용 WebDAV softwares WebDAV 설치및운영 SubVersion 이란? SubVersion & CVS features SubVersion 설치및운영 SubVersion Basic work scenario SubVersion softwares Resources & References Q&A
협업? Collaboration 협업소프트웨어들 Collaborative groupwares Groove Collaborative tools Collaboration systems 협업소프트웨어의기본적인요건들 참여자들의입장에따라보장되는가시성완벽하고실제적인보안성다양한배경의사용자들을위한확장성언제어디서든표준환경으로참여할수있는접근성쉬운사용으로교육없이참여할수있는사용성
협업?
WebDAV 이전의아파치웹서버인프라 Apache : A patched web server HTTP 프로토콜을기반 WEB을전인류에게. 점유율 1위 오픈소스기반웹서버소프트웨어 다양한확장소프트웨어들
WebDAV 이전의아파치웹서버인프라 Readonly! Extenstions Additional tools Different protocol Security Learning cost Standardization WebServer Extensions
WebDAV Web based Distributed Authoring and Versioning HTTP + Collaboration WebDAV server
WebDAV 란? 협업인프라 모든종류의컨텐츠를협업적으로작성하고관리할수있도록하는프로토콜 데이터통합 문서관리, 버전관리및형상관리, 이메일저장소, 파일서버등 원격, 분산소프트웨어개발 분산협업소프트웨어개발 Subversion (DAV & DeltaV) HTTP 프로토콜의확장 덮어쓰기방지 Lock,Unlock 리소스관리 Collection Resource creation, copy, move, Mkcol,Move,Copy 문서속성 Propfind XML 기술의활용 : 속성, 제어, 상태 표준화 RFC 2518,RFC 3253
WebDAV History WebDAV 이전의다른시도들 Data integration NFS : Network file system / WebNFS POP3, IMAP and other many protocols Distributed authoring : 1996 년 Microsoft FrontPage Netscape Composer Web을통한소프트웨어개발및원격저작을위한방법모색 Jim Whitehead(UC Irvine), Dan Connoly (W3C), Larry Masinter(Xerox) Microsoft, Novell, Netscape 등업체에서참여. 1999 년 2 월 RFC 2518 : Core features defined
WebDAV Benefits 웹컨텐츠사용자 문서작업을위한메타데이터활용 디렉토리리스팅 웹컨텐츠저작자 서버에저작물을올려두기위한표준적인방법제공 저작물의복사및이동 동시저작을위한겹쳐쓰기방지 관리자 Security Benefits 표준프로토콜을통한데이터의이동 시스템계정없이HTTP 기반으로인증제공
Technical benefits 단순성! HTTP 인프라스트럭쳐에서의장점계승 인증 (Authentication) 암호화지원 (Encryption) Proxy /Firewall navigation 가장널리사용 다양한기존툴들 이미준비된다양한툴및제품들 Pluggable data storages RDBMS, XML database, File system 널리확대된저변 (Knowhow pool)
WebDAV Business Drivers 분산및협업소프트웨어구현을위한최적의인프라스트럭쳐 협업프로젝트, 문서관리기반협업, 컨텐츠관리, 웹디스크, 협업소프트웨어개발 Cost effective 이미 WebDAV 를지원하는많은수의서버제품및툴들. Cross platform data integration 가능 기존투자보호 WebDAV서버로의변경 다양한웹서버기반Datastorage자원활용
Webdav Basics Namespace & Resource management Collection Resource Member Resource URL 계층구조 Create,move, copy.delete Collection Resource Resource Resource Member Resource Member Resource Member Resource Member Resource Member Resource
Webdav Basics Metadata Properties Name : uniquely identified with URIs Value : well-formed XML fragments Records Metadata author, title, modification time, size 겹쳐쓰기방지 : Locking Shared & exclusive locks Lock 속성 timeout, owner, depth Lock 인식 authentication lock token
WebDAV Basics Search DASL : DAV serching and locating Server Wide Search Property and contents searching Multiple Scopes
WebDAV Basics Versioning DeltaV : RFC3253 Revision control Configuration management Server Repository & Client Working copy Baselines :: Snapshots Activities :: change sets
WebDAV Basics old+new HTTP Methods 메소드 Head,Trace Get Put,Post Delete Mkcol Propfind Proppatch Copy,Move Lock,Unlock Options 기능 네트워크를통한접근을찾고추척 문서검색 문서를서버에전달 리소스, 컬렉션을삭제 컬렉션생성 리소스와컬렉션의속성을검색. 파일목록및속성검색을의미 리소스에대한속성을변경 라소스, 컬렉션을복사및이동 덮어쓰기방지기능 서버가지원하는메소드출력
WebDAV Basics old+new HTTP Methods Web Resource LOCK UNLOCK COPY MOVE DELETE MKCOL (PUT ) Properties (name, value) pairs Body (primary state) PROPFIND PROPPATCH GET PUT - affected by LOCK
mod_dav introduction An Apache module to support WebDAV Apache 1.3 : 별도의모듈로이용가능 Apache 2.0 : 기본모듈로포함 Greg stein Chairman, Apache software foundation 기본적으로파일시스템을저장소로사용 Pluggable back end repository 지원. 상업용제품에서의이용 Oracle IBM Rational ClearCase
mod_dav Back-ends mod_dav Back-ends = providers Reference name Dav directive. (eg. DAV svn) mod_dav_fs Apache module Register your provider with mod_dav OpenSource providers MySQL backend : Catacomb Apache 2.0 DSO loader mod_dav mod_dav_fs FS
WebDAV 의활용시나리오 Collaborative Authoring Network file system Distributed software engineering Unified repository access protocol
WebDAV softwares Projects & tools Java based contents and authoring : Slide, Skunkdav, elipse (plugin) Utilities : davfs, DAVtool, KDE - Conquerer Others Commerical Products Adobe, Microsoft, MacOS X products Oracle XML DB Dreamweaver, XML authoring tools Commercial DAV Servers : A part of solution product Others
WebDAV softwares SkunkDAV DAVExplorer
WebDAV softwares davfs2 WebDAVfolder 를 UNIX/LINUX 에서네트워크드라이브로마운트 Coda filesystem
WebDAV softwares Microsoft products Windows Office 2000/XP and etc SouthRiver Tech WebDrive
WebDAV softwares Adobe softwares Photoshop illustrator Acrobat GoLive
WebDAV installation Basic installation Tarball: http://www.apache-kr.org/dist/ Configure script example./configure enable-dav enable-dav-fs Digest Authentication ; --enable-auth-digest
WebDAV Installation Basic configuration Alias /userhome /home/userhome/davfolder <Location /userhome> DAV On </Location> Lock DB 용의디렉토리생성및설정 아파치서버디렉토리하위의 var/davlock 을이용하는경우디렉토리생성 아파치실행권한에게디렉토리접근및쓰기가능권한설정 DAVLockDB var/davlock
WebDAV installation Other considerations CGI 프로그램의실행및 SSI includes 등의방지 Options None.htaccess 파일의활용방지 AllowOverride None 사용자의 method 접근제한 <LimitExcept OPTIONS GET POST REPORT> <Limit PUT GET POST DELETE PROPPATCH MKCOL COPY LOCK UNLOCK> Require valid-user </Limit> 홈페이지컨텐츠관리를지정된아이피에서만 WebDAV 로접근 Allow from 관리자아이피혹은아이피대역 Authentication Type 을 Digest 로이용 AuthType Digest AuthUserFile htdigest 로생성된파일위치
WebDAV installation Advanced configuration example <Location /UserDavFolder> AllowOverride None Options None DAV On AuthName User verification for WebDAV folder AuthType basic AuthFile /htpasswd 로파일만든위치 /.htpasswd <Limit PUT DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> Order deny,allow Allow from 192.168.0.1 Require valid-user </Limit> </Location>
WebDAV installation Advanced configuration <Location /UserDavFolder> DAV On AllowOverride None Options None AuthName User verification for WebDAV folder" AuthType Basic AuthFile /htpasswd 로파일만든위치 /.htpasswd <Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> Order deny,allow Deny from all Allow from 192.168.1.1 Require user ADMINID </Limit> <Limit PUT POST PROPFIND COPY> Order deny,allow Deny from all Allow from 192.168.2. Require user USERID </Limit> </Location>
WebDAV installation 인증파일생성 htpasswd c / 만들파일의위치 /.htpasswd 사용자id New password: Re-type new password: Adding password for user 사용자id 아파치웹서버실행권한이접근할수있도록퍼미션조정 AuthType Digest인경우에는htdigest이용 설정확인및적용 / 아파치웹서버설치위치 /bin/apachectl configtest Syntax OK / 아파치웹서버설치위치 /bin/apachectl restart
DAV & Secuiry Issues DoS Attack IIS5 mod-dav : Limit XML body Authentication and encryption weakness Basic authentication Digest authentication SSL encryption AccessControl
Subversion introduction DeltaV working group Versioning extention for webdav RFC3253 Subversion http://subversion.tigris.org 2000년부터CollabNet이후원하여시작된프로젝트 Apache/BSD style 라이센스로개발 WebDAV 와 DeltaV 기반 현재 0.34 버전릴리즈 CVS 를대체할수있는오픈소스버전관리시스템 엔터프라이즈환경에서의형상관리에근접 향상된기능들 TortoiseCVS 등기존의버전관리툴의 SVN버젼개발
Subversion introduction Version control URL path of Versioned Controlled Resource Branch Version Name initial Beta1 3 Foo.htm 1 2 4 Line of Descent Revision History Label Test1 5 6 Merge Successor Beta2 7 Predecessor
Subversion introduction Subversion features(compare with CVS) Atomic commits Real copies and real name Directory versioning Advanced network layer Apache + WebDAV/DeltaV Or Subversion standealone + SSH Faster network access binary diffs mod_deflate compression Less network access BerkelyDB based repository
Subversion introduction Subversion architecture Local repository Remote repository HTTP authentication
Subversion Installation Requirements Apache 2.0.48 Subversion 0.34.0 Gcc OpenSSL Berkeley DB
Subversion Installation Apache configuration example./configure --prefix=/usr/local/apache2 \ --enable-so --enable-dav --enable-maintainer-mode \ --enable-suexec --with-suexec-caller=bin \ --enable-ssl=/usr --enable-cache --enable-ext-filter \ --with-z=/usr --with-dbm=db4 --with-berkley-db=/usr
Subversion installation Subversion configure example./configure --prefix=/usr/local/subversion \ --with-editer-/bin/vi --with-jdk=/usr/java --with-zlib \ --enable-maintainer-mode --with-ssl=/usr --with-dbm=db4 \ --with-berkeley-db=/usr --with-apr=/usr/local/apache2 \ --with-apr-util=/usr/local/apache2 \ --with-apxs=/usr/local/apache2/bin/apxs
Subversion installation After installaion httpd.conf LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so Preparing subversion repository #svnadmin create sample Permission setting
Subversion Basic work scenario Check out (svn co) example Commit (svn commit) List (svn list) diff (svn diff) Update (svn update) Mkdir (svn mkdir) Move (svn mv) Copy (svn cp)
Subversion softwares TortoiseSVN Subclipse Subwiki RapidSVN ViewCVS gsvn
Resource & References http://www.webdav.org WebDAV에관한모든자료 Greg stein, WebDAV and Apache RFC2518, RFC 3253 http://www.tigris.org subversion.tigris.org and other subversion scm tools 이외많은 DAV 관련개발프로젝트홈페이지들
Q&A 감사합니다.