- From: Clemm, Geoff <gclemm@rational.com>
- Date: Wed, 27 Jun 2001 13:51:42 -0400
- To: WebDAV WG <w3c-dist-auth@w3.org>
I have to vigorously disagree with Jim's suggestion that it is ever reasonable behavior for a client to steal a lock without first having a dialog with the user. People work on multiple machines, and with multiple clients on the same machine that access the same resources (e.g. Word and the Windows Explorer). It is just too easy to forget or not notice that you already have a client open that is modifying a resource. And if the user does explicitly tell the client to go ahead and steal the lock, it should do so by unlocking the resource, and obtaining a new lock. This ensures that if the original locking client is still around, it will not overwrite the data you just uploaded. Cheers, Geoff -----Original Message----- From: Jim Whitehead [mailto:ejw@cse.ucsc.edu] Sent: Wednesday, June 27, 2001 1:20 PM To: WebDAV WG Subject: RE: Are you using lock discovery? > I'm sure Jim know this, but I'd just like to warn other client developers > that servers are not obligated to expose the lock-token in the > lock-discovery property. Servers might chose not to expose the tokens so > as to avoid the situation described in section 7.6. Make sure > your clients can handle a server not returning the lock token in the lock-discovery > property. Well, actually, this did take me a bit by surprise. But, after re-reading Section 13.8, Jason is right, we do allow servers to hold back some elements of the lockdiscovery property. But, the stated rationale is access control, not keeping clients from grabbing lock tokens. It seems to me the root issue here is how much you trust users to remove their own locks. For DAV Explorer, we felt the people using the tool would likely either be doing server development, or setup of a WebDAV server. That it why we added the protocol logging feature to the tool. While DAV Explorer is useful enough to accomplish some day-to-day editing work, we didn't think that would be its main use (we were somewhat surprised to see DAV Explorer get bundled with the Merlin server: http://www.abriasoft.com/products/product16.php :-). Since we felt our user base would be fairly sophisticated, we were comfortable giving them the ability to grab locks that they took out using another program (and no, I don't think DAV Explorer prompts the user about this). This makes it a handy protocol exploration tool. If you want to know exactly how tool X performs when a lock is yanked out from under it, you can use DAV Explorer to unlock the resource. For more mainstream *authoring* tools, I agree completely that, if the user is granted the ability to grab a lock, they should be shown a dialog box about the event. As for tools like Goliath that give a filesystem-like view, I think a good case can be made either way (prompting or no prompting). Perhaps it should be configurable, or the dialog should have an option to not be displayed in the future. - Jim
Received on Wednesday, 27 June 2001 13:45:27 UTC