W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 1998

RE: v6: 12.9 lockdiscovery

From: Dylan Barrell <dbarrell@opentext.ch>
Date: Thu, 29 Jan 1998 21:54:05 +0100
Message-ID: <01BD2D06.40DB27C0@cassius.opentext.ch>
To: "'Yaron Goland'" <yarong@microsoft.com>, "'Jim Davis'" <jdavis@parc.xerox.com>, "w3c-dist-auth@w3.org" <w3c-dist-auth@w3.org>
Cc: "Saveen Reddy (Exchange)" <saveenr@exchange.microsoft.com>
This might seem obvious but I think it should be stated that the locktoken MUST be returned if the requesting principle is the owner of the lock (seeing as we don't go into permissions in any further detail, we must guarantee that the owner of a lock can always retrieve the token).


-----Original Message-----
From:	Yaron Goland [SMTP:yarong@microsoft.com]
Sent:	Sunday, January 25, 1998 1:49 AM
To:	'Jim Davis'; w3c-dist-auth@w3.org
Cc:	Saveen Reddy (Exchange)
Subject:	RE: v6: 12.9 lockdiscovery

An excellent point. My guys brought up the exact same issue only yesterday.

I would like to propose some language to deal with this issue:

1. All locks outstanding on a resource MUST be listed. To do otherwise would
confuse the hell out of a client who is getting locked errors on PUTs but
doesn't see any write locks listed in lockdiscovery.

2. Owner, timeout, and locktoken are to be made optional.

One of the problems we have run into is that sometimes a resource gets
locked through a mechanism other than DAV, for example a program directly
manipulating the underlying operating system. While the DAV server will know
about the lock, it will not have the ability to do anything with it. As such
it doesn't have a "lock token" for the lock. We could, of course, just issue
a fake lock token. But the problem is that we expect, eventually, that
administrative tools will be written to work with DAV. An administrator who
tries to force an unlock using a fake lock token is in for a very confusing
time. Additionally I also think that timeout should be optional because the
information may not always be available. Finally, I don't think depth should
be optional. I hate "default values" (in this case if Depth is not present
its value is taken to be 0). They always lead to trouble.

Currently the production for activelock is:

<!ELEMENT activelock (locktype, lockscope, depth?, owner, timeout,
locktoken) >

Under the proposed changed it would become:

<!ELEMENT activelock (locktype, lockscope, depth, owner?, timeout?,
locktoken?) >

Is this acceptable to everyone?


PS Jim, as always, you're the man.

> -----Original Message-----
> From:	Jim Davis [SMTP:jdavis@parc.xerox.com]
> Sent:	Saturday, January 24, 1998 2:04 PM
> To:	w3c-dist-auth@w3.org
> Subject:	v6: 12.9 lockdiscovery
> 12.9 says "The server is free to withhold any or all of this information
> if
> the requesting principal does not have sufficient access rights to see the
> requested data."  
> If the server does not wish to inform caller of, say, the owner, then
> should it generate an empty owner or should it leave it out of the
> activelock altogether?  The latter would violate the syntax of activelock,
> as only depth is optional.  I am not sure whether all the other elements
> of
> activelock are defined to allow them to be empty.  If any of them are,
> then
> we have an inconsistency.  If all of them allow empty, then the spec
> should
> add language telling what to do.
Received on Thursday, 29 January 1998 16:33:58 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:01:13 UTC