W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2004

Re: Issue #68: UNLOCK_WITHOUT_GOOD_TOKEN

From: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
Date: Sun, 6 Jun 2004 20:20:21 -0400
To: w3c-dist-auth@w3.org
Message-ID: <OF21A908CF.1493CA0F-ON85256EAC.000143A7-85256EAC.0001E485@us.ibm.com>
I would vote for treating the lock-token as a request header
that contributes to precondition checking, so I agree with
the ModDav/Microsoft behavior.

Cheers,
Geoff

Julian wrote on 06/06/2004 03:28:21 PM:
> 
> "What should UNLOCK return if a bad token is provided or no token. (This 

> might be contingent on UNLOCK_NEEDS_IF_HEADER.)"
> 
> I just tested this, here are the results (test script attached):
> 
> (a) Microsoft IIS 5.0: (a1) no lock token: 400, (a2) bad lock token: 
412.
> 
> (b) Apache/Moddav 2.0.49: (b1) no lock token: 400, (b2): bad lock token: 

> 412.
> 
> (c) SAP Enterprise Portal 5SP6: (c1) no lock token: 412, (c2): bad lock 
> token: 412.
> 
> (d) Xythos (Sharemation): see (c). (I also note that Xythos is returning 

> invalid lock tokens)
> 
> Summarizing:
> 
> - we can't guarantee a specific status code,
> 
> - we should define a specific precondition (see proposal at 
> <http://greenbytes.de/tech/webdav/draft-reschke-webdav-locking-
> latest.html#rfc.section.5>)
> 
> - we should talk about what is the right thing to do here -- basically 
> we need to answer whether "lock-token" is a request header that 
> contributes to precondition checking as defined by RFC2616 
> (<http://greenbytes.de/tech/webdav/rfc2616.html#status.412>) -- if we 
> can agree on this, Apache/moddav's behaviour would be correct.
> 
> Feedback appreciated,
> 
> Julian
> 
> -- 
> <green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760
> 
> [attachment "068_UNLOCK_WITHOUT_GOOD_TOKEN.js.gz" deleted by 
> Geoffrey M Clemm/Lexington/IBM] 
Received on Sunday, 6 June 2004 20:21:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:06 GMT