Overview

WebDAV provides a network protocol for creating interoperable, collaborative applications. Major features of the protocol include Locking (concurrency control), Properties and Namespace manipulation (move and copy).

The Codehaus prefers HTTPS+DAV over SCP / SFTP for several reasons:

works through proxies
is compatible with our LDAP authorization system
limits shell access to server

There are some downsides however:

Clumsier updates

DAV Links

You should use Xircles to determine the appropriate DAV links for your project / user etc.

DAV Clients

http://www.lyra.org/sitecopy/
http://www.webdav.org/cadaver/ for command-line junkies

Konqueror

Konqueror 3.5+ has built-in WebDAV support (UserTrust CA Root is preinstalled). To access using WebDAV, change the https:// protocol to webdavs://

(Internet) Explorer

In IE chose "File/Open ...", enter the URL and activate the check box "Open as Web Folder". You will find this web folder in future also in your Network Connections of the Explorer.

Root Certificate Authority

The Codehaus uses a certificate provided by PremiumSSL which has a variety of problems:

it's a chained certificate - PremiumSSL isn't the final CA in the chain
the final CA in the chain, UserTrust, isn't included in the JDK trusted CA list.

Installing the UserTrust CA into the Java JDK

Handy Hint

The latest release (1.5.0_09) includes the required certificates so upgrading your JDK might be easier that following the below steps

Download the UserTrust External CA Root to your local filesystem.

Install the certificate into the JDK Trusted CA Certs (The default password is "changeit")

Windows and Linux

$JAVA_HOME/bin/keytool -import -alias UserTrustExternalCARoot -file UserTrustExternalCARoot.crt -keystore $JAVA_HOME/jre/lib/security/jssecacerts

Mac OS X

$JAVA_HOME/bin/keytool -import -alias UserTrustExternalCARoot -file UserTrustExternalCARoot.crt -keystore $JAVA_HOME/lib/security/jssecacerts

Installing the UserTrust CA into the Java JDK as non-root

If do not have permission to modify your JDK installation you can add the certificate to your own keystore. The keytool that comes with the JDK uses ~/keytool by default. When running a JVM you need to tell the JVM about the keystore. It appears as if it will use this keystore in addition to the one in the JDK so there is no need to add all the certificates from the JVM to the user copy.

export MAVEN_OPTS="-Djavax.net.ssl.keyStore=$HOME/.keystore \
    -Djavax.net.ssl.keyStorePassword=changeit \
    -Djavax.net.ssl.trustStore=$HOME/.keystore \
    -Djavax.net.ssl.trustStorePassword=changeit" 
mvn -Dusername=foo deploy

NOTE: If you want to debug the security related stuff add the -Djava.security.debug=all option

Haus Documentation

A new low!

WebDAV

Overview

DAV Links

DAV Clients

Konqueror

(Internet) Explorer

Root Certificate Authority

Installing the UserTrust CA into the Java JDK

Installing the UserTrust CA into the Java JDK as non-root

Services

How To Guides

Technical

Behavioural

Feeds

Operations

Links