News / 30 April 2015

How-To: Drag and Drop Access to iRODS with WebDAV

You can now drag and drop files into and out of iRODS collections without installing a separate client (for most OSes), using a WebDAV connector developed by Mike Conway from the UNC DICE Center. The connector is based on the milton.io Java WebDAV server library.

In this post, I will ~~walk~~ run you through an example installation on the Ubuntu virtual machine we configured in this blog post. We're interested to hear about your experiences with it. Please post comments below.

Note: You will need a milton.io enterprise license in order to use Mac OS's Finder to access collections via this connector. We are discussing additional licensing options with the milton.io developer. In the meantime, you may go to http://milton.io/about/license/index.html to request a trial enterprise license.

Note: By default, Windows requires user authentication through this connector to be encrypted. That means you either have to install SSL certificates on the server side, or you have to modify the registry on each Windows client. I cover an SSL install below. If you use self-signed certs, like I do for demonstration purposes, you'll have to tell the Windows client to trust the certs. I point to a link about this in the Windows client configuration section below. Obviously, for a production system, use certificates signed through a legitimate certification chain.

Set up iRODS

1. Set up an iCAT server, as in this blog post: http://irods.org/post/icat-on-a-vm/

Add a Network Interface to Your VM

1. Shut down the VM. On the VirtualBox menu bar, select "Machine" and then "ACPI Shutdown". Then select the shutdown button in the far right of the menu Ubuntu presents.
2. In VirtualBox, click the name of your iCAT VM in order to select it.
3. In VirtualBox, click the "Settings" button.
4. Click "Network".
5. Click "Adapter 2".
6. Click the "Enable Network Adapter" checkbox.

7. Pull down the selection box next to "Attached to:" and select "Host-only Adapter".

   
   8. Click "OK" 9. In VirtualBox, click the "Start" button. 10. Open a terminal and use ifconfig to get the IP address of eth1. Take note of this IP address. You will need it later.
   

Install and Configure Tomcat, Proxied by Apache, with SSL

1. Install Tomcat.

   ~~~~ sudo apt-get install openjdk-7-jdk sudo update-java-alternatives -s java-1.7.0-openjdk-amd64 sudo apt-get install tomcat7 ~~~~

2. Install Apache2.

   ~~~~ sudo apt-get install apache2 ~~~~

3. Edit /etc/tomcat7/server.xml:
   a. Comment out the port 8080 and 8443 connectors
   b. Uncomment the port 8009 AJP connector

4. Enable a couple apache modules:
   a. sudo a2enmod proxy_ajp
   b. sudo a2enmod ssl
   c. sudo a2enmod headers

5. Create or acquire a certificate.
   
   To create your own, install openssl and copy the certificates /etc/ssl/certs.

   ~~~~ sudo apt-get install openssl openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout webdavssl.key -out webdavssl.crt ~~~~

   Fill in the appropriate information for your certificate.

   

   ~~~~ sudo mv webdavssl.key /etc/ssl/certs sudo mv webdavssl.crt /etc/ssl/certs ~~~~

6. Create /etc/apache2/sites-available/ajp_ssl.conf and add the following content:

   ~~~~ # Change uppercase as sent by OS X Finder WebDAV to lowercase as recognized by mod_proxy RequestHeader edit Transfer-Encoding Chunked chunked early

   # Stream chunked data as-it-is to reverse proxied backend
   SetEnv proxy-sendchunks 1
   

   SSLEngine on SSLCertificateFile /etc/ssl/certs/webdavssl.crt SSLCertificateKeyFile /etc/ssl/certs/webdavssl.key

   Order deny,allow Allow from all

   ProxyRequests Off ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ ~~~~

7. Enable the new site: sudo a2ensite ajp_ssl

8. Restart apache2: sudo service apache2 restart
9. Open port 443 in your firewall, if enabled.

Build and Install the Milton iRODS WebDAV connector

1. Clone the irods-webdav github repo.
   wzxhzdk:0
2. Update `irods-webdav/src/main/resources/miltonContext.xml` a: Set host, zone, port, authScheme, and defaultStorageResource. b: Change a resource.factory constructor-arg from "/test1/home/test1" to a collection on your server, e.g., "/tempZone/home/rods" c: Change property context-path from "irods-webdav" to "" ***Note: skip the next step if you are not using the licensed version of milton.io*** d: Change class="io.milton.config.HttpManagerBuilder" to class="io.milton.ent.config.HttpManagerBuilderEnt"
wzxhzdk:1

  ***Note: skip the next step if you are not using the licensed version of milton.io***

3. Update `irods-webdav/pom.xml` a: Change "milton-server-ce" to "milton-server-ent"

  ***Note: skip the next step if you are not using the licensed version of milton.io***
4. Put the two license files that were emailed to you--`milton.license.properties` and `milton.license.sig`--in `irods-webdav/src/main/resources`.
One way to do this is with scp. On the VM: wzxhzdk:2 On the host: wzxhzdk:3  
5. Use Maven to build the connector. wzxhzdk:4
6. Move `irods-webdav/target/irods-webdav-0.0.1-SNAPSHOT.war` to a Tomcat webapps directory (I usually also change the name to `ROOT.war`. Otherwise, you will have to navigate to http://hostname.example.com/\ to access your collection). wzxhzdk:5 ### Configure the Client For Mac OSX: 1. Open a Finder window. 2. Click "Go" on the menu bar, then "Connect to Server..." 3. Enter "https://" followed by the IP address of your virtual machine. 4. If you're using self-signed certificates, you will need to acknowledge a warning. 5. Enter your irods user name and password, and click Connect. You should now have access to your iRODS collections via WebDAV.
   
   For Windows: 1. If you're using self-signed certificates, you'll have to tell the Windows client to trust the certs (This site explains how, but you'll have to "run as Administrator" Internet Explorer: ). 2. Open a Windows Explorer window. 3. Right click "Network" and select "Map Network Drive..." 4. Click the link that says "Connect to a Web site that you can use to store your documents and pictures." 5. Click "Next" two times to acknowledge things. Then on the "Specify the location of your website" enter "https://" followed by the IP address of your virtual machine. 6. When prompted, enter your irods user name and password, and click OK. 7. Name the mapped drive, and click "Next". 8. Click "Finish" You should now have access to your iRODS collections via WebDAV.
   

   ---

   Dan Bedard