W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2007

Find my principal resource

From: Cyrus Daboo <cyrus@daboo.name>
Date: Tue, 30 Jan 2007 16:37:44 -0700
To: WebDAV <w3c-dist-auth@w3.org>
Message-ID: <1FD8D7C463595B85BBDC7394@ninevah.local>

Hi,
What is the right way on a WebDAV server supporting ACL for a client to 
determine the principal resource for the currently authenticated user?

Right now the only technique I know of is to do:

1) PROPFIND on a resource to get DAV:principal-collection-set
2) Iterate over each DAV:href in the set and do a DAV:principal-match 
report for DAV:self.

The problem with that is that it not only returns the current user's 
principal, but any group principal that one is a member of. So how would 
you know from those which was the actual user principal? i.e. this approach 
is not 100% reliable.

If there really isn't a way to reliably do this now, I would propose the 
following: define a new DAV:self-principal-resource (or just DAV:self) 
property that is available on any resource supporting ACL and which 
contains a single DAV:href pointing to the principal resource for the 
currently authorized user (or is empty if anonymous).

Note that in CalDAV it is important for a client to know the principal 
resource, as there are properties on the principal resource that are 
required to find a users calendars, inbox, outbox etc

-- 
Cyrus Daboo
Received on Wednesday, 31 January 2007 18:35:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:15 GMT