The documentation [1] says:
The WebDAV service uses the database user credentials in order to perform authentication and authorization. If database user and password are explicitly specified when starting the BaseX HTTP Server using the corresponding startup options, WebDAV will not request additional user authentication from the client.
[1] http://docs.basex.org/wiki/Webdav
I take this to mean that if I start basexhttp from a directory my-app, with a .basex file containing, among other things,
USER = myappuser PASSWORD = lips_are_sealed
then when the client issues a PUT request against a URI of the form http://localhost:8984/webdav/my_app_dir/mydoc34.xml the PUT will be accepted and mydoc34.xml will be added to the database or updated there, depending on whether myappuser has WRITE privileges to the database my_app_dir. I also take it to be saying that the WebDAV server will not ask the client for credentials.
(This last is important to me because it appears that in some Web browsers an XForms submission that requires credentials will cause the browser to ask the user for userid and password, and in other browsers the submission will fail silently. If I can just have BaseX use the application-specific user quietly, that will work fine for this particular application.)
However, what I'm seeing suggests that WebDAV is not using the userid specified in the .basex configuration file -- in my tests, one browser is prompting me for credentials and another is failing silently.
I suppose that what I'm seeing may be consistent with an error in the password in the .basex file, but I have tried it with passwords that are hard to mistype, so I don't think that that's it. I have not found a command to ask the server what user I currently am (the equivalent of whoami).
Am I misreading the documentation?