Adding WebDAV Authoring Rules <add>


The <add> element of the <authoringRules> element specifies the access permissions for users or groups for specific content types for a unique authoring rule.

Authoring rules can be defined per-URI within a Web site, and specifies the WebDAV authoring permissions for that URI space. The permissions in this element are inherited, so child URIs will have the same permissions as a parent URI, provided that the child URI does not have unique permissions defined.


Version Notes
IIS 7.5 The <add> element of the <authoringRules> element ships as a feature of IIS 7.5.
IIS 7.0 The <add> element of the <authoringRules> element was introduced in WebDAV 7.0, which was a separate download for IIS 7.0.
IIS 6.0 N/A

Note: The WebDAV 7.0 and WebDAV 7.5 modules shipped out-of-band for IIS 7.0, which required downloading and installing the modules from the following URL:

With Windows 7 and Windows Server 2008 R2, the WebDAV 7.5 module ships as a feature for IIS 7.5, so downloading WebDAV is no longer necessary.


To support WebDAV publishing for your Web server, you must install the WebDAV module. To do so, use the following steps.

IIS 7.5 for Windows Server 2008 R2

  1. On the taskbar, click Start, point to Administrative Tools, and then click Server Manager.
  2. In the Server Manager hierarchy pane, expand Roles, and then click Web Server (IIS).
  3. In the Web Server (IIS) pane, scroll to the Role Services section, and then click Add Role Services.
  4. On the Select Role Services page of the Add Role Services Wizard, expand Common HTTP Features, select WebDAV Publishing, and then click Next.
  5. On the Confirm Installation Selections page, click Install.
  6. On the Results page, click Close.

IIS 7.5 for Windows 7

  1. On the taskbar, click Start, and then click Control Panel.
  2. In Control Panel, click Programs and Features, and then click Turn Windows Features on or off.
  3. Expand Internet Information Services, then World Wide Web Services, and then Common HTTP Features.
  4. Select WebDAV Publishing, and then click OK.

IIS 7.0 for Windows Server 2008 and Windows Vista

How To

How to add WebDAV authoring rules

  1. Open Internet Information Services (IIS) Manager:
    • If you are using Windows Server 2008 or Windows Server 2008 R2:
      • On the taskbar, click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
    • If you are using Windows Vista or Windows 7:
      • On the taskbar, click Start, and then click Control Panel.
      • Double-click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.
  2. In the Connections pane, expand the server name, and then go to the site, application, or directory where you want to enable directory browsing.
  3. In the Home pane, double-click WebDAV Authoring Rules.
  4. In the Actions pane, click Add Authoring Rule...
  5. In the Add Authoring Rule dialog, specify the following options:
    • Allow access to: Specify whether the authoring rule should apply to all content types, or specify specific content types to allow.
    • Allow access to this content to: Specify whether the authoring rule should apply to all users, to specific groups or roles, or to specific users.
    • Permissions: Specify whether the authoring rule should allow Read, Write, or Source access for the specified content types and users.
  6. Click OK.


The <authoringRules> element is configurable per-URI in the ApplicationHost.config file. Settings can be stored globally, at the site level, or per folder. The <authoringRules> element cannot be delegated, so any <authoringRules> elements in Web.config files are ignored.


Attribute Description
access Optional flags attribute.

Specifies the access settings for the authoring rule. These values combined with a logical OR operation, so "None, Read" = "Read."

Note: Source access allows a WebDAV client to request the contents of a script-mapped file, such as an ASP.NET or PHP file, as opposed to the processed output of the file.
Value Description
None No authoring is allowed.

The numeric value is 0.
Read Read access is allowed.

The numeric value is 1.
Write Write access is allowed.

The numeric value is 2.
Source Access to source code is allowed.

The numeric value is 16.
The default value is None.
path Optional string attribute.

Specifies the file name or the file name extension for which the authoring rule applies. For example, "*.aspx", "*.php", etc. In addition, the following special identifiers have been defined.
Value Description
* Specifies that the rule will apply to all content.
There is no default value.
roles Optional string attribute.

Specifies roles or groups for an authorization rule. Multiple roles can be added in a comma-separated list.

There is no default value.
users Optional string attribute.

Specifies users for an authorization rule. Multiple users can be added in a comma-separated list. In addition, the following special identifiers have been defined.
Value Description
* Specifies that the rule will apply to all users.
? Specifies that the rule will apply to anonymous users.
There is no default value.

Child Elements


Configuration Sample

The following example lists a sample <webdav> element for the Default Web Site. This example clears any existing authoring rules, adds a single rule for the administrators group, enables WebDAV authoring, specifies that hidden files are allowed, enables WebDAV locks and specifies the lock provider, and enables WebDAV properties and specifies the default XML namespace for property mapping.

<location path="Default Web Site">
         <authoringRules defaultAccess="none" allowNonMimeMapFiles="true" defaultMimeType="text/plain">
            <clear />
            <add roles="administrators" path="*" access="Read, Write, Source" />
         <authoring enabled="true" requireSsl="false">
            <fileSystem allowHiddenFiles="true" />
            <locks enabled="true" lockStore="webdav_simple_lock" requireLockForWriting="false" />
            <properties allowAnonymousPropfind="false" allowInfinitePropfindDepth="false" allowCustomProperties="true">
               <clear />
               <add xmlNamespace="*" propertyStore="webdav_simple_prop" />

Sample Code

The following examples configure WebDAV authoring rules so that WebDAV clients can publish files that are not listed in the IIS MIME map, and add a single authoring rule that grants Read, Write, and Source access to the administrators group.


appcmd.exe set config "Default Web Site" -section:system.webServer/webdav/authoringRules /allowNonMimeMapFiles:"True" /commit:apphost

appcmd.exe set config "Default Web Site" -section:system.webServer/webdav/authoringRules /+"[roles='administrators',path='*',access='Read, Write, Source']" /commit:apphost

Note: You must be sure to set the commit parameter to apphost when you use AppCmd.exe to configure these settings. This commits the configuration settings to the appropriate location section in the ApplicationHost.config file.


using System;
using System.Text;
using Microsoft.Web.Administration;

internal static class Sample
   private static void Main()
      using (ServerManager serverManager = new ServerManager())
         Configuration config = serverManager.GetApplicationHostConfiguration();

         ConfigurationSection authoringRulesSection = config.GetSection("system.webServer/webdav/authoringRules", "Default Web Site");
         authoringRulesSection["allowNonMimeMapFiles"] = true;

         ConfigurationElementCollection authoringRulesCollection = authoringRulesSection.GetCollection();

         ConfigurationElement addElement = authoringRulesCollection.CreateElement("add");
         addElement["roles"] = @"administrators";
         addElement["path"] = @"*";
         addElement["access"] = @"Read, Write, Source";



Imports System
Imports System.Text
Imports Microsoft.Web.Administration

Module Sample
   Sub Main()
      Dim serverManager As ServerManager = New ServerManager
      Dim config As Configuration = serverManager.GetApplicationHostConfiguration

      Dim authoringRulesSection As ConfigurationSection = config.GetSection("system.webServer/webdav/authoringRules", "Default Web Site")
      authoringRulesSection("allowNonMimeMapFiles") = True

      Dim authoringRulesCollection As ConfigurationElementCollection = authoringRulesSection.GetCollection

      Dim addElement As ConfigurationElement = authoringRulesCollection.CreateElement("add")
      addElement("roles") = "administrators"
      addElement("path") = "*"
      addElement("access") = "Read, Write, Source"

   End Sub
End Module


var adminManager = new ActiveXObject('Microsoft.ApplicationHost.WritableAdminManager');
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST";

var authoringRulesSection = adminManager.GetAdminSection("system.webServer/webdav/authoringRules", "MACHINE/WEBROOT/APPHOST/Default Web Site");
authoringRulesSection.Properties.Item("allowNonMimeMapFiles").Value = true;

var authoringRulesCollection = authoringRulesSection.Collection;

var addElement = authoringRulesCollection.CreateNewElement("add");
addElement.Properties.Item("roles").Value = "administrators";
addElement.Properties.Item("path").Value = "*";
addElement.Properties.Item("access").Value = "Read, Write, Source";



Set adminManager = createObject("Microsoft.ApplicationHost.WritableAdminManager")
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST"

Set authoringRulesSection = adminManager.GetAdminSection("system.webServer/webdav/authoringRules", "MACHINE/WEBROOT/APPHOST/Default Web Site")
authoringRulesSection.Properties.Item("allowNonMimeMapFiles").Value = True

Set authoringRulesCollection = authoringRulesSection.Collection

Set addElement = authoringRulesCollection.CreateNewElement("add")
addElement.Properties.Item("roles").Value = "administrators"
addElement.Properties.Item("path").Value = "*"
addElement.Properties.Item("access").Value = "Read, Write, Source"

Deprecated Elements