W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > October to December 1999

UNLOCK issues

From: Greg Stein <gstein@lyra.org>
Date: Sat, 6 Nov 1999 19:30:01 -0800 (PST)
To: w3c-dist-auth@w3.org
Message-ID: <Pine.LNX.4.10.9911061918071.32496-100000@nebula.lyra.org>
The UNLOCK method isn't documented very well with respect to its
interaction with the Depth: header or how to return errors (generally, and
in the case of a failed If: condition match).

S9.2 states that a Depth: header is only supported if the method
explicitly supports it. Am I to assume, then, that UNLOCK ignores the
Depth: header? (or should it return an error if one is present?)

Presuming the UNLOCK should always be treated as Depth: 0, then an If:
failure is pretty easy. No multistatus is possible, so a 412 (Precondition
Failed) would be the response from an UNLOCK?

Note there is also a bit of weirdness in that UNLOCK is Depth: 0, but that
a lock could have Depth: infinity. And that you can unlock the whole tree
of locks by unlocking any of the locked resource.

Also, how do you signify failure if the UNLOCK cannot be performed? For
example, an unknown lock token or improper authorization? Let's say the
lock token isn't found. Return a 400 (Bad Request)? Now, let's say the
lock token *is* found but the authorization is wrong. Just keep returning
401 (Unauthorized) until they get it right?

Well... this is somewhat rambling. To summarize:

* I think S8.11 should be explicit that the Depth: header is not used.
* There should be a summary of "typical" status codes like some of the
  other sections.


Greg Stein, http://www.lyra.org/
Received on Saturday, 6 November 1999 22:28:18 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:01:20 UTC