If you are getting this error:
WebDAV 403 - Forbidden Access is denied. Server Error: 403 - Forbidden: Access is denied.You do not have permission to view this directory or page using the credentials that you supplied.
Here are the steps to solve it:
Step 1
Make sure that your ntfs permissions is set for the user that is trying to connect to WebDAV
Step 2
You need to create an Authoring Rules for the user that is trying to connect to WebDAV
I configured Apache2 to allow WebDav on a directory (CentOS 5 / Plesk 8.6):
- WebDav is enabled in httpd.conf
- /var/lib/dav/lockdb is writeable by Apache
- My target dir is chmod 777
- My target dir is chowned apache:psacln
- using Basic Authentication (setup by Plesk interface)
in my vhost.conf I have:
<Directory /var/www/vhosts/domain.com/httpdocs/target_dir>
Dav On
AllowOverride none
Order allow,deny
Allow from all
</Directory>
I can connect to the directory using authentication fine and download files from it. But I cannot write to the dir. I get a 403 Error when I attempt to upload or create a dir.
Anyone have any tips?
Thanks in advance —
Update — 6/5 Using the comments below I’ve isolated the issue to being some type of conflict with .htpasswd protected directories. I can created an unprotected dir and enable WebDAV uploads fine. But once I enable Basic Auth on the directory everything goes south. I can read but no longer upload.
This is my vhost.conf:
<Directory /var/www/vhosts/domain.com/subdomains/subdomain/httpdocs/>
AuthUserFile /var/www/.htpasswd
AuthName "Login"
AuthType Basic
Require valid-user
DAV on
AllowOverride none
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require valid-user
</Limit>
</Directory>
Update 6/6
Was able to get WebDAV working on a different domain with minimal effort. The only difference between the two domains is that in the one which refuses to allow write access I have a DocumentRoot directive:
DocumentRoot /var/www/vhosts/domain.com/httpdocs/app/webroot
Might this be causing some problems?
asked Jun 5, 2009 at 1:14
Darren NewtonDarren Newton
2901 gold badge3 silver badges9 bronze badges
I recently struggled with the same problem on my Fedora 10 system. In my case the culprit was some odd redirection that I was doing in Apache. Specifically, I use a content management system (Drupal, to be exact) that within it’s .htaccess includes the following redirection logic to redirect missing files to a PHP script:
# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
It makes sense that the above only affects the PUT method since in that case REQUEST_FILENAME does not exist.
Not having the WebDAV area inside of the Drupal area, which seems like a reasonable constraint, fixes the problem.
Also, I think it is likely that SELinux would result in a different error, but it’s not mentioned in the discussion above. Did you try disabling SELinux?
answered Jul 13, 2009 at 6:14
1
Same problem. Solved by:
<Location /xyz>
DAV On
AuthType Digest
AuthName "webdav-xmarks"
AuthDigestProvider file
AuthUserFile "/home/xy/xba/digest-password"
Require valid-user
RewriteEngine off <-- this part solved it!
</Location>
answered Oct 14, 2010 at 1:49
1
What does your error_log say? That’s the first place to look.
Also, look in the regular access_log; sometimes some DAV clients will try to do DAV things at higher level directories than where you’re doing your work, which requires them to have at least read-only DAV access up to the virtualhost root.
answered Jun 5, 2009 at 1:21
freiheitfreiheit
14.5k1 gold badge47 silver badges69 bronze badges
3
Did you try using limit: (for example)
<Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
Require valid-user
</Limit>
answered Jun 5, 2009 at 5:52
Ram PrasadRam Prasad
3011 silver badge8 bronze badges
1
As Ram Prasad said, you need that Limit statement in the Directory entry in your vhosts.config file.
You also need a .DAV directory that is owned by apache in the same directory as your .htaccess file. I have found this usually causes the 403 error, as Apache uses this folder to write temporary files to.
See also: http://www.webdav.org/mod_dav/install.html
answered Jun 5, 2009 at 7:20
tonyktonyk
962 bronze badges
6
The problem is that each time I hit the sync button, it shows that there are about 20 files waiting for syncing, though I’m not sure if it is really syncing. Then after finishing syncing the last file, this error will occur:
WebDAV server returned an HTTP 403 error for a GET request
I confirmed with my WebDAV server support team that it was not their problem. Both of us can successfully open https://webdav.pcloud.com, for example. I’m wondering if anybody is having the same problem with me.
The report ID is 853829132.
Hello,
I have followed the WebDav wiki and I get the error 403 Forbidden:
$ cadaver http://127.0.0.1/dav
dav:/dav/> mkcol test
Creating `test': failed:
403 Forbidden
dav:/dav/> I have looked the forum pages
* 403 Forbidden Error on directory but not on index page which actually uses owncloud’s webdav
* [SOLVED] Apache and user directory
And also tried what is said in the discussion page
But I can’t find the problem.
/var/log/httpd/access_log:
127.0.0.1 - - [11/Apr/2015:12:16:46 +0200] "OPTIONS /dav/ HTTP/1.1" 200 -
127.0.0.1 - - [11/Apr/2015:12:16:46 +0200] "PROPFIND /dav/ HTTP/1.1" 207 683
127.0.0.1 - - [11/Apr/2015:12:16:56 +0200] "MKCOL /dav/test/ HTTP/1.1" 403 977/var/log/httpd/access_log:
[Sat Apr 11 12:14:42.113880 2015] [dav:error] [pid 22639:tid 140478398338816] (13)Permission denied: [client 127.0.0.1:46716] Unable to create collection. [403, #0]/etc/httpd/cond/httpd.conf: (full conf if here)
DAVLockDB /home/httpd/DAV/DAVLock
Alias /dav "/home/httpd/html/dav"
<Directory "/home/httpd/html/dav">
DAV On
AllowOverride None
Options Indexes FollowSymLinks
Require all granted
</Directory>And the status of my directory:
$ ls -la /home/httpd/DAV/
total 8
drwxr-xr-x 2 http http 4096 10 avril 19:29 .
drwxr-xr-x 4 root root 4096 10 avril 19:27 ..
-rw-r--r-- 1 http http 0 10 avril 19:29 DAVLock.dir
-rw-r--r-- 1 http http 0 10 avril 19:29 DAVLock.pag
$ ls -la /home/httpd/html/
total 12
drwxr-xr-x 3 root root 4096 10 avril 19:27 .
drwxr-xr-x 4 root root 4096 10 avril 19:27 ..
drwxr-xr-x 2 nobody nobody 4096 11 avril 10:38 davThanks for any help !
Last edited by Louson (2015-04-11 10:41:10)
- Remove From My Forums
WebDav (7.5) 403.21 — Access Denied — What does Required and Granted mean in Data2?
-
Question
-
User901205661 posted
Using WebDav I am getting a 403.21 Error Code when a user is trying to copy a file.
Using failed Request tracing on the request I see that I am getting the following data back:
ModuleName WebDAVModule Data1 Access Denied By Authoring Rules Data2 /group/NetAdmin/Private/DOC/Asset Number.doc: Required 00000010, Granted 00000003 ErrorCode 2147942405 ErrorCode Access is denied. (0x80070005) ModuleName WebDAVModule
Data1 Access Denied By Authoring Rules
Data2 /group/NetAdmin/Private/DOC/Asset Number.doc: Required 00000010, Granted 00000003
ErrorCode 2147942405
ErrorCode Access is denied. (0x80070005)The WebDav rules that are setup are:
Path : *
Users : All users
Roles: <nothing>
Access: Read,Write
Entry Type : LocalI can not find a reference to the Data2 Section Required and Granted and what they mean!
What are these values referring to and how do I fix this error?
Is this actually documented anywhere?
Chris
Answers
-
User-502738810 posted
403.21 is «Source Access Denied». Your rules grant read/write access to the file, but not source access. Any GET request with the «Translate: F» request header requires source access for the specified URL.
FWIW, the Required & Granted fields are bitmasks based on the following:
Read = 00000001
Write = 00000002
Source =00000010
So, based on the information you provided, the authenticated user was granted read/write access (00000001 | 00000002 = 00000003), but the server requires source access (00000010) for this operation.
-
Marked as answer by
Tuesday, September 28, 2021 12:00 AM
-
Marked as answer by