Index: 4.2.0/webdav.php
===================================================================
--- 4.2.0/webdav.php	(revision 101)
+++ 4.2.0/webdav.php	(working copy)
@@ -1,4 +1,5 @@
 <?php
+// ###JAC_PATCH_G_08_EZ_4.2.0### RootFolderPublicVisible
 //
 // This is the index_webdav.php file. Manages WebDAV sessions.
 //
@@ -159,10 +160,30 @@
         //     $requestUri = '/webdav.php/';
         // }
 
-        $server = ezcWebdavServer::getInstance();
+        // ###JAC_PATCH_G_08_EZ_4.2.0### RootFolderPublicVisible
+        // Patch - show webdavrootfolder with all available sites only if it is public
+        // global webdav.ini.append.php
+        // # enabled - all available site for webdav will be displayed
+        // # disabled - sitelist is not shown - only direct access to sitaccess is possible
+        // #            http://webdav.domain.de/siteaccess_admin
+        // [GeneralSettings]
+        // RootFolderPublicVisible=enabled
 
-        $backend = new eZWebDAVContentBackend();
-        $server->handle( $backend );
+        $rootFolderPublicVisible = 'enabled';
+        if( $webDavIni->hasVariable( 'GeneralSettings', 'RootFolderPublicVisible' ) )
+            $rootFolderPublicVisible = $webDavIni->variable( 'GeneralSettings', 'RootFolderPublicVisible' );
+
+        if( $rootFolderPublicVisible === 'enabled' )
+        {
+            $server = ezcWebdavServer::getInstance();
+
+            $backend = new eZWebDAVContentBackend();
+            $server->handle( $backend );
+        }
+        else
+        {
+             header( "HTTP/1.1 403 Forbidden" );
+        }
     }
     // Else: need to login with username/password:
     else