Limiting WebDAV Access to the Repository

WebDAV is a protocol to access and modify resources within the repository but it can cause references between named resources and their Access Control List (ACL) to become inconsistent.

Use Spectrum Spatial Manager, the Named Resource service, and the Access Control service instead of WebDAV.

By default, accessing the repository using WebDAV is not restricted to a particular server, rather open to all servers that can access the repository. You can restrict access to particular servers by modifying the spatial java property file. You can do this by adding a property that includes a list of host names (IPs) that WebDAV is open to (comma separated).

Note: You must restart the Spectrum Technology Platform server to apply this change.

To limit repository access using WebDAV:

  1. Open a web browser and go to http://server:port/jmx-console
    Where:
    • server is the IP address or host name of your Spectrum Technology Platform server.
    • port is the HTTP port used by Spectrum Technology Platform. The default is 8080.
  2. Log in using the admin account.
  3. Under Domain: com.pb.spectrum.platform.configuration.properties, click com.pb.spectrum.platform.configuration.properties:manager=spatial.properties.
  4. Change the value of repository.accesscontrol.allows.

    Leaving the property empty disables all access to using WebDAV for all servers except the machine where Spectrum Technology Platform is installed.

    To allow other servers WebDAV access, enter a comma-separated list of server IP addresses. For example:

    192.168.2.1,192.168.2.2
  5. Click the Set button next to the repository.accesscontrol.allows.
  6. Restart the server.
Once this process is complete, WebDAV access is limited to the repository.