Sections

Personal tools

You are here: Home → wikidblog → Securing Webdav with SSL and two-factor authentication

Recent entries: The Express Scripts Bounty admin Nov 14, 2008; Citrix on the need for two-factor authentication admin Nov 12, 2008; PCI expanding to Europe admin Nov 11, 2008; Embedding WiKID two-factor authentication in your Web application admin Nov 06, 2008; 50 Must-Have Open Source Tools for Security admin Oct 30, 2008

Recent comments: Re:Running the WiKID Two-factor authentication server on Ubuntu remix_tj Nov 16, 2008; Re:Embedding WiKID two-factor authentication in your Web application admin Nov 11, 2008; Re:Open source momentum and spending during the recession admin Nov 01, 2008; MTM vulnerable Kris Puri Oct 31, 2008; Re:Running the WiKID Two-factor authentication server on Ubuntu nowen Sep 26, 2008

2007/04/16

Securing Webdav with SSL and two-factor authentication

One reason for the lack of posts recently has been that I have written a how-to on securing WebDAV with SSL and two-factor authentication. Dealing with WebDAV was more of a pain than I anticipated. First, there seems to be a bug in recent versions of apache that breaks mod_auth_radius and mod_auth_xradis. Second, I spent a lot of time figuring out the ways that WebDAV does not work on Windows ;).

I did get it working though and I think that WebDAV is a great replacement for SFTP or FTP, especially for cross-enterprise needs. WebDAV works through port 443, which is always open on firewalls, where SSH's port 22 may often be blocked.