<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">On 11/10/2014 12:14 AM, Thomas Lau
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAEZt6eBAijsswNgb1zb4pRKwxCK2f9NwULyyvt=RQ+H4GEdsBQ@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div class="gmail_default"
          style="font-family:verdana,sans-serif;font-size:small">Hi All,</div>
        <div class="gmail_default"
          style="font-family:verdana,sans-serif;font-size:small"><br>
        </div>
        <div class="gmail_default"
          style="font-family:verdana,sans-serif;font-size:small">I am
          successfully letting Apache auth against FreeIPA, but whatever
          folder/files being created on WebDav server would be using
          Apache user and group instead of login user/group, does anyone
          know how to fix this?</div>
        <div class="gmail_default"
          style="font-family:verdana,sans-serif;font-size:small"><br>
        </div>
        <div class="gmail_default"
          style="font-family:verdana,sans-serif;font-size:small">Kerberos
          + LDAP config:</div>
        <div class="gmail_default"
          style="font-family:verdana,sans-serif;font-size:small"><br>
        </div>
        <div class="gmail_default" style=""><font face="verdana,
            sans-serif"><a moz-do-not-send="true"
              href="http://pastebin.com/zpP3TEst">http://pastebin.com/zpP3TEst</a></font><br>
        </div>
        <div><br>
        </div>
        -- <br>
        <div class="gmail_signature">
          <div dir="ltr">
            <div>
              <div dir="ltr">
                <div><font face="verdana, sans-serif">Thomas Lau</font></div>
                <div><font face="verdana, sans-serif">Director of
                    Infrastructure</font></div>
                <div><font face="verdana, sans-serif">Tetrion Capital
                    Limited</font></div>
                <div><font face="verdana, sans-serif"><br>
                  </font></div>
                <div><font face="verdana, sans-serif">Direct:
                    +852-3976-8903</font></div>
                <div><font face="verdana, sans-serif">Mobile:
                    +852-9323-9670</font></div>
                <div><font face="verdana, sans-serif">Address: 20/F, IFC
                    1, Central district, Hong Kong</font></div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
    </blockquote>
    <br>
    Can you please give a bit more context and architecture? Are you
    building you own WebDav server or using an existing implementation?
    Which one?<br>
    Not being familiar with the internals of WebDav I would assume that
    impersonation would be a function of your WebDav server. However
    AFAIU it would need to use something like oddjob to create files and
    directories on the file system to make them be owned by the users.<br>
    <br>
    Also this might give you some hints on how we recommend to hook web
    applications into IPA.<br>
    <a class="moz-txt-link-freetext" href="http://www.freeipa.org/page/Web_App_Authentication">http://www.freeipa.org/page/Web_App_Authentication</a><br>
    <br>
    <pre class="moz-signature" cols="72">-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IdM portfolio
Red Hat, Inc.</pre>
  </body>
</html>