Projects / Alaya Webdav Server

Alaya Webdav Server

Alaya is a primitive chrooting Web server with basic WebDAV support. It can serve HTTPS and HTTP, and can authenticate using PAM, /etc/shadow, /etc/passwd, or using its own authentication files that allow for 'native' users that only have access to alaya content. It's intended to be a simple method of sharing content over WebDAV, and though it can be configured with a config file, it's easy to configure by command-line switches alone. Alaya always chroots to ensure that malicious users can't use '..' within a URL to access unintended documents, and that users can't accidentally leave documents in places outside of the chroot. It has a 'ChHome' mode that chroots users into their home directory and serves content from there. It supports .cgi scripts out of a trusted path (so not from within the chrooted WebDAV share) and read-only shared directories that are outside of the chroot (allowing access to shared content when in ChHome mode).

Operating Systems

Recent releases

  •  21 May 2014 00:23

    Release Notes: This is a bugfix release. There are Makefile changes to compile under Ubuntu; fixes for problems with HTTP keep-alive; and the ability to turn off HTTP keep-alive for browsers like Safari, which seems to have problems with it.

    •  16 May 2014 11:11

      Release Notes: This release adds HTTP Keep-Alive and HTTP cache-control features, bugfixes for issues with large files, bugfixes for security issues, and Mime icons for directory listings.

      •  23 Apr 2014 23:27

        Release Notes: A weird segfault on some systems involving malloc_hook was fixed be removing malloc_hook. An 'Events' framework that can run a script in response to certain connections was added. 'make install' was implemented.

        •  18 Apr 2014 14:14

          Release Notes: Client certificate support has been added. Support for perfect forward secrecy has been added. Fixes a nasty bug in Access Token Authentication that allowed logon with a blank password if Access Token Authentication was enabled. Many other minor bugfixes.

          •  07 Apr 2014 02:11

            Release Notes: IPv6 support has been added. Support for the Linux 'sendfile' syscall has been added for lower CPU usage when transferring files with plain HTTP. Capabilities support has been added (most capabilities are dropped on program startup).


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.