W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2004

Re: LOCK error marshalling (lockdiscovery property included?)

From: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
Date: Sat, 5 Jun 2004 16:59:09 -0400
To: w3c-dist-auth@w3.org
Message-ID: <OF8F17E3B3.B8DA2F32-ON85256EAA.00719C87-85256EAA.00734D9C@us.ibm.com>
Julian Reschke <julian.reschke@gmx.de> wrote on 06/05/2004 06:36:11 AM:

> Geoffrey M Clemm wrote:
> 
> > I don't think anything needs to be changed here.
> > I'm not sure what you had in mind by saying
> > "it MUST be returned on successful execution",
> > since the whole point is to indicate what existing
> > lock caused the LOCK request to fail, i.e. this
> > property is returned only for the failure case.
> 
> In RFC2518, the requirement is independant from the success of the LOCK 
> request: "The response MUST contain the value of the lockdiscovery 
> property in a prop XML element." 

By "this property", I meant the property on the nested resource that
returned 424 because that nested resource was already locked.
I agree that a lockdiscovery property for the resource identified
by the request-URL must always be returned, whether or not the request
succeeded.

> 1) For a successful LOCK creation, returning the element makes a lot of 
> sense, because the client can check the actual state of the lock (did 
> the server accept my Timeout header? what did it persist in the 
> DAV:owner property?). I think that part is widely implemented and if 
> fact used by popular clients such as MS Office (it checks the response 
> body to decide whether the created lock is really what it wanted). 
> Therefore we should keep that part, and this is why I was saying "MUST 
> be returned on success".

Yes, I agree.

> 2) For a failed LOCK request, there are (at least) two scenarios:
> 
> 2a) The resource at the request URI can not be locked, for instance 
> because it already has a conflicting lock. In that case, I'd expect a 
> 4xx status code, and RFC2518 does not define a way to send back 
> DAV:lockdiscovery. If we require the server to send back a 207 with 
> response body in this case, this really needs to be stated explicitly 
> because it's far from obvious.

Well, it is stated in section 8.10.4, but I agree that it is not clearly
stated, since the only way to guess how to marshall it is by extrapolation
from example 8.10.10.

> 2b) The client tries a deep lock, and some of the descendants of the 
> resource identified by the request URI can not be locked. In that case 
> 
(<http://greenbytes.de/tech/webdav/rfc2518.html#rfc.section.8.10.4.p.3>), 
> the text requires a 409 and a multistatus body (this is a bug in both 
> RFC2518 and RFC2518bis, it should be 207, 
> 
see...:<http://greenbytes.de/tech/webdav/rfc2518.html#rfc.section.8.10.4.p.3
> >). 

Yes, that inconsistency in the spec doesn't contribute much in the way
of clarity (:-).

> In that case, the DAV:lockdiscovery property for the resource at the 
> request URI will usually be empty, and it escapes me why anybody would 
> want to send that back to the client.

It might not be empty because there might already be a shallow
lock on that collection.  So returning the lockdiscovery property
tells the client definitively whether or not there already is a
lock on the request URL resource, which is useful information when
dealing with the failure.

> > WRT the marshalling, I agree that this is not a
> > consistent way of using the propstat syntax
> > (i.e. the status is not about the property,
> > but that was just a convenient place to put it).
> > So if nobody implements this,
> > we certainly could define a cleaner marshalling,
> > but if any client/server does implement it, then we
> > should leave it alone.
> 
> Let's find out.

Yup.

Cheers,
Geoff
Received on Saturday, 5 June 2004 16:59:58 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:06 GMT