W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2004

Re: Issue #68: UNLOCK_WITHOUT_GOOD_TOKEN

From: Julian Reschke <julian.reschke@gmx.de>
Date: Mon, 07 Jun 2004 09:35:49 +0200
Message-ID: <40C41AD5.6040204@gmx.de>
To: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
Cc: w3c-dist-auth@w3.org

Geoffrey M Clemm wrote:

 > I would vote for treating the lock-token as a request header
 > that contributes to precondition checking, so I agree with
 > the ModDav/Microsoft behavior.

'%"$%$! I mistyped the results. The actual results are:

(a) Microsoft IIS 5.0: (a1) no lock token: 400, (a2) bad lock token: 412.

(b) Apache/Moddav 2.0.49: (b1) no lock token: 400, (b2): bad lock token: 
410.

(c) SAP Enterprise Portal 5SP6: (c1) no lock token: 412, (c2): bad lock 
token: 412.

(d) Xythos (Sharemation): see (c). (I also note that Xythos is returning 
invalid lock tokens)

RFC2616 treats exactly all "If-*" headers as defining preconditions. 
RFC2518 adds "If" (which is obvious) and also explicitly "Overwrite" 
(but at least it's clear about it). As RFC2518 nowhere states that the 
"Lock-Token" header expresses a "precondition", I'm leaning to 
favorizing Apache's behaviour (which is *not* what IIS does...).

Best regards, Julian


-- 
<green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760
Received on Monday, 7 June 2004 04:09:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:06 GMT