Index: .
===================================================================
--- .	(revision 21370)
+++ .	(working copy)
@@ -146,8 +146,28 @@
          $_SERVER['REQUEST_URI'] == '/webdav.php/' or
          $_SERVER['REQUEST_URI'] == '/webdav.php' )
     {
-        $testServer = new eZWebDAVContentServer();
-        $testServer->processClientRequest();
+        // Patch - show webdavrootfolder with all available site only if it is public
+        // global webdav.ini.append.php
+        // # enabled - all available site for webdav will be displayed
+        // # disabled - sitelist is not shown - only direct access to sitaccess is possible
+        // #            http://webdav.domain.de/siteaccess_admin
+        // [GeneralSettings]
+        // RootFolderPublicVisible=enabled
+
+        $rootFolderPublicVisible = 'enabled';
+        if( $webDavIni->hasVariable( 'GeneralSettings', 'RootFolderPublicVisible' ) )
+            $rootFolderPublicVisible = $webDavIni->variable( 'GeneralSettings', 'RootFolderPublicVisible' );
+
+        if( $rootFolderPublicVisible === 'enabled' )
+        {
+            $testServer = new eZWebDAVContentServer();
+            $testServer->processClientRequest();
+        }
+        else
+        {
+             header( "HTTP/1.1 403 Forbidden" );
+        }
+
     }
     // Else: need to login with username/password:
     else
@@ -158,6 +178,10 @@
         // Get the name of the site that is being browsed.
         $currentSite = $server->currentSiteFromPath( $_SERVER['REQUEST_URI'] );
 
+        //load extension siteaccess to get webdaav.ini values for folderClass
+        eZExtension::prependExtensionSiteAccesses( $currentSite, false, true, false, false );
+        $webDavIni->loadCache( true );
+
         // Proceed only if the current site is valid:
         if ( $currentSite )
         {