Description
Setting the ip-allow.config to ALL for the method type doesn't include methods not known to ATS. Currently the method PROPFIND can't work in ATS making it not work with webdav.
The way the ALL_METHOD_MASK is created is by turning the bits on for the number of methods that ATS knows about. I am going to change the code to turn on all bits in the mask:
void IpAllow::InitInstance() {
ALL_METHOD_MASK = ~0;
}
Right now:
[bcall@snowball trafficserver]$ sudo proxy/traffic_server -T ip-allow
[Aug 14 14:24:34.476] Server
DEBUG: (ip-allow) Quick filter denial on 192.168.1.12:(null) with mask 7ff
[bcall@snowball trafficserver]$ curl -D - -X PROPFIND -x snowball:8080 http://caldav.calendar.yahoo.com/
HTTP/1.1 403 Access Denied
After the change:
[bcall@snowball trafficserver]$ sudo proxy/traffic_server -T ip-allow
[Aug 14 14:26:13.046] Server
DEBUG: (ip-allow) Quick filter denial on 192.168.1.12:(null) with mask ffffffff and method: ffffffff
[bcall@snowball trafficserver]$ curl -D - -X PROPFIND -x snowball:8080 http://caldav.calendar.yahoo.com/
HTTP/1.1 401 Unauthorized <---- error from origin, ATS is proxying...