How to Create a Cloud Storage Server

Web File Manager

The Web File Server object transforms your Mako Server into a powerful and secure storage system, letting you access and share files from any connected computer or device in the world. You can either access it through a Web browser or mount it as a WebDAV drive, in which case it works like a local drive.

In this tutorial we will show you how to create a Web File Server (WFS) object. The WFS uses some internal magic to provide a Web File Manager and WebDAV server on the same URL. You can also create a DAV only object. The benefit in using the WFS object is that it can be used by browsers and WebDAV clients. The only drawback with the WFS is that it triggers the execution of Lua code, thus slightly slowing down the operation when using WebDAV. You should use the DAV object if your objective is to create a very fast WebDAV server since the DAV object uses a pure "C" implementation and not a hybrid solution.

The video to the right shows how to connect a Windows and Mac computer to a WebDAV server by using BarracudaDrive.

The Mako Server and BarracudaDrive are Barracuda Application Server derivatives and you can program the Mako Server to provide the same functionality as BarracudaDrive.

The Mako Server’s Virtual File System

The Virtual File System (VFS) makes it possible for you to programmatically build application server resources in a running system. The VFS is responsible for mapping URLs to resources such as your application's LSP pages. The Mako Server provides a number of pre-defined objects that can be created and installed into the VFS such as the WebDAV object. You can also define your own objects and insert these objects into the VFS.

It is common to create VFS nodes such as the WebDAV object at system startup in a ".preload" script. Your application's ".preload" script is run at startup and this script can create VFS nodes and populate the Mako Server's VFS. It is also possible to dynamically insert say a WebDAV object into the VFS from a Lua Server Page (LSP). The user would then first have to visit the LSP before the WebDAV object would be accessible. This would be inconvenient since the user would have to visit the LSP before the user could access the WebDAV resource.

The Do It Yourself Tutorial includes a number of examples that teaches you the VFS fundamentals. You can also read the VFS introduction in our online documentation.

WebDAV and Web-File-Server Virtual File System Nodes

You can find the two file server objects in the documentation. Here are the links to the online documentation:

DAV locking is a part of the WebDAV standard and we need to provide a directory for the DAV object for file lock operations. You can use the DAV object without a lock directory, but some WebDAV clients will be in "read only" mode when connecting to a DAV object that does not support file locking.

The following example shows how to create a lock directory using the Mako Server's root directory object:

local rio = ba.openio"disk" -- The root IO
local env = mako.env
local ldir = mako.dos2unix(env and (env.TMP or env.TEMP) or "/tmp").."/.LOCK"
if not rio:stat(ldir) then
   if not rio:mkdir(ldir) then
      trace("Cannot open WebDAV lock directory:",ldir)
      ldir=nil -- WebDAV may be in read only mode when used by some clients
   end
end

Example 1: Shows how to create the WebDAV lock directory.

The above code tries to find the host systems TEMP directory from the system’s environment variables. It then uses the root IO when creating the .LOCK sub directory in the TEMP directory. The dos2unix function makes sure the code also works when run on Windows. The IO interface requires UNIX style paths on all operating systems. For example, a TEMP directory such as c:\TEMP is translated by dos2unix to the path /c/TEMP/. The Mako server provides a number of IO interfaces. See Mako Specific features for more information on the IO interfaces provided. You can also create your own custom IO interface that for example uses a database for storing files – in other words, you can have a WebDAV server that stores all resources in a database.

We can create the DAV object and insert it into the Virtual File System (VFS) as soon as we have a lock directory. The lock directory must be set to nil if you do not want to use a lock directory.

local maxUploads=50
local maxLocks=100
require"wfs" -- install ba.create.wfs by loading it from mako.zip
fsdir=ba.create.wfs("fs",rio,ldir,maxUploads,maxLocks)
fsdir:insert() -- Insert as a root node with name 'fs' in the VFS

Example 2: Shows how to create a WFS object and insert the object into the Virtual File System.

You can copy the above Lua scripts in example 1 and 2, paste it into a .preload script, and use the Mako Server to load the .preload script. You can then access the Web File Manager using a browser by navigating to the URL http://server-name/fs/.

cloud storage

Security

Running the above code for anything but test purposes is not recommended since you have no security and anyone can access the Web File Manager and WebDAV server without having to log in. What’s missing from the above code is an authenticator and authorizer object. The following code installs a Digest authenticator object in the WFS object.

-- The username/password callback function.
local function getpassword(username)
   if username == "admin" then return "admin" end
end
-- Create the username database from our getpassword func.
local authuser=ba.create.authuser(getpassword)
-- Create authenticator by using the username database.
local authenticator=ba.create.authenticator(authuser)
-- Enable authentication for the directory.
fsdir:setauth(authenticator)

Example 3: Installing a Digest Authentication object in the WFS object.

The above password function makes it possible to login with the username ‘admin’ and password ‘admin’. This function can easily be redesigned such that the function fetches the credentials from a SQL database.

Many WebDAV clients require Digest Authentication and this is also the default authenticator type created by function ba.create.authenticator. You may want to use form based authentication for browser users. The Barracuda Application Server provides many authentication types and you can make an authenticator object use form based authentication for browsers and Digest for WebDAV clients. Make sure you have a local copy of the Barracuda Application Server documentation and then read up on the various authenticator types.

In addition to providing authentication, it’s also common to provide an authorizer object for WebDAV objects. An authorizer object may limit the authenticated user’s access rights. Creating an authorizer object is explained in the documentation.

The WFS object in the BarracudaDrive server uses the JSON authenticator and the JSON authorizer, which provides a self contained mini user and constraint database system based on JSON. The JSON data can be saved to disk and reloaded at system start. You may want to study how the authenticator and authorizer code in BarracudaDrive works. This code is located in the .config script inside bd.zip. See the BarracudaDrive developer page for more information.

Download Example Code

Download fs.zip and start the example using the Mako Server as follows:

mako -l::fs.zip

Note: The above example requires WFS resource files in mako.zip so make sure the mako server is able to find and load this file. The ZIP file is loaded automatically if the ZIP file is in the same directory as the mako executable. The source code for the Web File Manager can be found in the “mako.zip/wfm/” directory.

Security is an important aspect when using the Web File Server. The Do It Yourself Tutorial includes a few authentication examples. You may also be interested in downloading our authentication example, which is a collection of practical examples that show how to use the Barracuda Application Server's authentication mechanism.

  1. Download authentication.zip
  2. Unpack the ZIP file
  3. Open and read README.html

Posted in Tutorials by bd