Version 5.4 |
||||||||||||||||||||||||||||
|
|
For example, the Betty.jpeg file contains meta-information such as the location where the photo was taken, comments, etc.
Each attribute is an XML element.
Some attributes are "protected" - they can be modified only by the Account owner, the System or Domain Admin or if the user is granted the "Administer" Access Right to that file or file directory.
The CommuniGate Pro Server maintains an Access Control List (ACL) for every Storage file or file directory. This list is stored as an <ACL> protected File Attribute.
The Access Control Lists are used to control the Foreign File Access feature that allows Account users to access File Storage in other Accounts.
All files and file directories in an Account File Storage located outside the private directory are open for "list" (directories) and "read" operations for any Account user, as well as for non-authenticated users. For example, these files can be accessed via unauthenticated HTTP requests, and they can be used as a Personal Web Site.
The Account owner has all access rights to all Account Storage files and directories.
A Server Administrator with the All Users access right has all access rights to all files in all Server or Cluster Accounts.
Domain Administrators with the CanViewWebSites access right have all access rights for all files in their Domain Accounts.
The Account owner can grant certain limited file access rights to other users, using the Access Control Lists.
The following File Access Rights are supported:When a file directory is created, the ACL of the outer directory (if any) is copied to the newly created directory.
Certain File Storage names have special meanings.
If the Free/Busy information cannot be built (for example, if no Main Calendar Mailbox exists in the Account), the HTTP module generates an empty Free/Busy dataset and sends it to the client.
Virtual names do not specify actual files or folders in the File Storage, but they can be used to retrieve certain information.
Read access to files and List access to directories inside the private directory can be granted to other CommuniGate Pro users and external "guests", using the protected <accessPwd> File Attribute.
Each <accessPwd> attribute should have a <key/> element containing a random string - the access-password. It is recommended to add <EMail/> element(s) with the E-mail address(es) of the users to whom this access-password has been sent.
Alternative file paths can be used in FTP and TFTP protocols, and in all other CommuniGate Pro components that access the Account File Storage.
Server administrators with the All Domains and Accounts Access Right and Domain administrators with the CanAccessWebSites access right can access File Storage in other Accounts.
Server and Domain administrators can access File Storage of any Account using the WebAdmin Interface: the Account management pages have the Files link in their navigation panels.
All management methods use similar HTML pages for File Storage administration, see the WebUser Interface Files section for the details.
File Storage data can be modified using the HTTP 1.1 PUT, DELETE, and MOVE methods. Some HTML design tools can use these methods to upload files to the server.
These HTTP requests should contain the Authentication information: the Account name of the File Storage owner or the Account name of a Server/Domain Administrator, and the password for that Account.
CommuniGate Pro allows each user to be presented on the World Wide Web with a personal Web site.
The URL for the accountname@domainname Account File Storage is:
<http://domainname:port/~accountname>
where the port is the WebUser port.
For example, the jsmith@client1.com account has a personal Web site at:
<http://client1.com:8100/~jsmith>
Personal Web sites use the same HTTP port as the WebUser Interface (the port 8100 by default).
In addition to the ~ prefix, an alternative prefix can be specified in the Domain Settings. The alternative prefix can be an empty string.
All Routing Rules discussed in the Access section apply to the personal Web site URLs, so Account and Domain aliases can be used in the personal Web site URLs.
Personal Web sites can be accessed without a prefix, using just the server part of the URL string. When the CommuniGate Pro server receives an HTTP connection on the its WebUser port, it uses the special Domain Routing procedure.
If the domain name user.domain.com has a DNS A-record pointing to the IP address of the CommuniGate Pro
server, and the CommuniGate Pro Router has the following record:
<LoginPage@user.domain.com> = userA@domainB.com
and the Account userA exists in the CommuniGate Pro Domain domainB,
then the URL http://user.domain.com/ can be used to access the personal Web site (File Storage)
of the userA@domainB.com Account.
File Storage must not contain any index.wssp file. This name is reserved for the File Storage Management forms.
The home (default) page of a personal Web Site should have the default.html name. This means that when the file name is not specified explicitly, the default.html name is assumed. If a File Storage has folders (subdirectories), then the request with the http://server:port/prefix user/folder/ URL retrieves the default.html file from that subdirectory.
The name of the default page is specified as an Account Setting and it can be modified on the per-Account basis.
File Storage data can be accessed, modified, and managed using the CommuniGate Pro FTP module. When an Account user connects to the FTP module, the FTP "root directory" as well as the "current directory" are set to the Account File Storage top directory.
File Storage data can be accessed, modified, and managed using the CommuniGate Pro HTTP module WebDAV extension.
use http://server:port/WebDAV/ or https://server:port/WebDAV/ URLs
to configure a WebDAV client.
Access to the /WebDAV/ realm requires authentication, and the authenticated Account and its Domain must have the
WebSite Service enabled.
This realm presents the authenticated Account File Storage top directory.
The File Access WebDAV protocol works over the HTTP protocol, using the HTTP User Module. Open the HTTP User Module settings, and find the Sub-Protocols panel:
Use the FileDAV Log setting to specify the type of information the File Access WebDAV module should put in the Server Log.
The File Access WebDAV module records in the System Log are marked with the FileDAV tag.
The CommuniGate Pro allows an Account user to access File Storage in other Accounts.
Access to these foreign Files (also called shared Files) is controlled via
the File Access Rights.
To access a file or a file directory in a different Account, the file name should be specified as ~accountname/filename. For example, to access the images/pict01.jpg file in the Boss Account, the Mailbox name should be specified as ~Boss/images/pict01.jpg .
If there are several local Domains on the Server, files in a different Domain can be accessed by specifying full Account names. To access the images/pict01.jpg file in the Account designer in the client.com Domain, the file name should be specified as ~designer@client.com/images/pict01.jpg.
Account names specified after the "~" sign are processed with the Router, so Account Alias names can be used instead of the real Account names, and all Routing Table rules are applied.
This list is maintained with various clients. Usually, it contains the names of foreign file directories, such as ~accountName/dir1/dir2/, letting clients show some preselected foreign file directories.