|
Version 6.3 |
|
| ||||||||||||||||||||||
Special Files and FoldersCertain File Storage names have special meanings.
Many Microsoft® products use names starting with the tilda symbol for temporary or service files. To avoid the problem, always use those products with Account Storage subdirectories, and not with the topmost Storage directory. Virtual Files and FoldersVirtual names do not specify actual files or folders in the File Storage, but they can be used to retrieve certain information.
File Attributes
Each file and file directory can have an set of attributes or meta-information.
For example, the Betty.jpeg file contains meta-information such as the location where the photo was taken, comments, etc. Each attribute is an XML element. Some attributes are "protected" - they can be modified only by the Account owner, the System or Domain Admin or if the user is granted the "Administer" Access Right to that file or file directory. File Access RightsThe CommuniGate Pro Server maintains an Access Control List (ACL) for every Storage file or file directory. This list is stored as an <ACL> protected File Attribute. The Access Control Lists are used to control the Foreign File Access feature that allows Account users to access File Storage in other Accounts. All files and file directories in an Account File Storage located outside the private directory are open for "list" (directories) and "read" operations for any Account user, as well as for non-authenticated users. For example, these files can be accessed via unauthenticated HTTP requests, and they can be used as a Personal Web Site. The Account owner has all access rights to all Account Storage files and directories. A Server Administrator with the All Domains access right has all access rights to all files in all Server or Cluster Accounts. Domain Administrators with the CanViewWebSites access right have all access rights for all files in their Domain Accounts. The Account owner can grant certain limited file access rights to other users, using the Access Control Lists. The following File Access Rights are supported:
When a file directory is created, the ACL of the outer directory (if any) is copied to the newly created directory. Shared Private FilesRead access to files and List access to directories inside the private directory can be granted to other CommuniGate Pro users and external "guests", using the protected <accessPwd> File Attribute. Each <accessPwd> attribute should have a <key/> element containing a random string - the access-password. It is recommended to add <EMail/> element(s) with the E-mail address(es) of the users to whom this access-password has been sent.
Alternative file paths can be used in FTP and TFTP protocols, and in all other CommuniGate Pro components that access the Account File Storage. HTML-based Management
Users can manage their Account File Storage using a Web browser. There are two methods
to access the File Storage administration pages:
Server administrators with the All Domains access right and Domain administrators with the CanAccessWebSites access right can access File Storage in other Accounts. Server and Domain administrators can access File Storage of any Account using the WebAdmin Interface: the Account management pages have the Files link in their navigation panels. All management methods use similar HTML pages for File Storage administration, see the WebUser Interface Files section for the details. HTTP-based ManagementFile Storage data can be modified using the HTTP 1.1 PUT, DELETE, and MOVE methods. Some HTML design tools can use these methods to upload files to the server. These HTTP requests should contain the Authentication information: the Account name of the File Storage owner or the Account name of a Server/Domain Administrator, and the password for that Account. HTTP Access to File StorageCommuniGate Pro allows each user to be presented on the World Wide Web with a personal Web site.
The URL for the accountname@domainname Account File Storage is:
Personal Web sites use the same HTTP port as the WebUser Interface (the port 8100 by default). In addition to the ~ prefix, an alternative prefix can be specified in the Domain Settings. The alternative prefix can be an empty string. All Routing Rules discussed in the Access section apply to the personal Web site URLs, so Account and Domain aliases can be used in the personal Web site URLs. Personal Web sites can be accessed without a prefix, using just the server part of the URL string. When the CommuniGate Pro server receives an HTTP connection on the its WebUser port, it uses the special Domain Routing procedure. If the domain name user.domain.com has a DNS A-record pointing to the IP address of the CommuniGate Pro
server, and the CommuniGate Pro Router has the following record:
File Storage must not contain any index.wssp file. This name is reserved for the File Storage Management forms. The home (default) page of a personal Web Site should have the default.html name. This means that when the file name is not specified explicitly, the default.html name is assumed. If a File Storage has folders (subdirectories), then the request with the http://server:port/prefix user/folder/ URL retrieves the default.html file from that subdirectory. The name of the default page is specified as an Account Setting and it can be modified on the per-Account basis. FTP Access and ManagementFile Storage data can be accessed, modified, and managed using the CommuniGate Pro FTP module. When an Account user connects to the FTP module, the FTP "root directory" as well as the "current directory" are set to the Account File Storage top directory. WebDAV Access and ManagementFile Storage data can be accessed, modified, and managed using the CommuniGate Pro HTTP module WebDAV extension.
Access to the /WebDAV/ realm requires authentication, and the authenticated Account and its Domain must have the
WebSite Service enabled.
The File Access WebDAV protocol works over the HTTP protocol, using the HTTP User Module. Open the HTTP User Module settings, and find the Sub-Protocols panel: Use the FileDAV Log setting to specify the type of information the File Access WebDAV module should put in the Server Log. The File Access WebDAV module records in the System Log are marked with the FileDAV tag. Foreign File AccessThe CommuniGate Pro allows an Account user to access File Storage in other Accounts.
To access a file or a file directory in a different Account, the file name should be specified as ~accountname/filename. For example, to access the images/pict01.jpg file in the Boss Account, the file name should be specified as ~Boss/images/pict01.jpg . If there are several local Domains on the Server, files in a different Domain can be accessed by specifying full Account names. To access the images/pict01.jpg file in the Account designer in the client.com Domain, the file name should be specified as ~designer@client.com/images/pict01.jpg. Account names specified after the "~" sign are processed with the Router, so Account Alias names can be used instead of the real Account names, and all Routing Table rules are applied. File SubscriptionEach Account has a file subscription set -
a set of file and/or file directory names.
This list is maintained with various clients. Usually, it contains the names of foreign file directories, such as ~accountName/dir1/dir2/, letting clients show some preselected foreign file directories. |