- From: Dirk-Willem van Gulik <dirkx@webweaving.org>
- Date: Mon, 8 Jul 2002 21:35:03 +0000 (GMT)
- To: "Clemm, Geoff" <gclemm@rational.com>
- cc: w3c-dist-auth@w3.org
y On Mon, 8 Jul 2002, Clemm, Geoff wrote: > > I agree that an UNLOCK on a resource not locked by the > specified lock token MUST fail. > > Cheers, > Geoff > > -----Original Message----- > From: Jason Crawford [mailto:ccjason@us.ibm.com] > Sent: Monday, July 08, 2002 3:10 PM > To: Julian Reschke > Cc: w3c-dist-auth@w3.org > Subject: Issue: UNLOCK_WHAT_URL > > > I've changed the issue name to the one on the issue list that seems more > appropriate. See new Subject: line. > > > So do we have agreement that *any* of the URIs affected by a deep lock can > > be used to do the UNLOCK operation? > > > The other question of that issue is... do we agree that if you request an > UNLOCK > on a resource that is not locked by that lock, that the request should fail? > > > I believe in previous discussions it was suggested that we should not allow > one > to specify a URL other than one that is locked by the lock. The reasoning > was > that in a virtual website where the URI space might be partitioned and > delegated > across several machines (perhaps using intermachine BIND requests), it might > be > burdensome for all machines of the virtual website to be familiar with all > locks. > > Anyway, regardless of folks believing this, I'd like to confirm that UNLOCK > requests > specifying a request URI of an unlocked resource should be rejected. > > Opinions? > > J. > > > ------------------------------------------ > Phone: 914-784-7569, ccjason@us.ibm.com > > "Julian Reschke" <julian.reschke@gmx.de> > > > > > > "Julian Reschke" <julian.reschke@gmx.de> > Sent by: w3c-dist-auth-request@w3.org > 07/08/2002 07:24 AM > > To: <w3c-dist-auth@w3.org> > cc: > Subject: RE: root of a lock, was HOW_TO_IDENTIFY_LOCK_OWNER > > > > > > To: Daniel Brotsky <dbrotsky@adobe.com> > > Cc: "Clemm, Geoff" <gclemm@Rational.Com>, w3c-dist-auth@w3c.org > > Message-ID: <OF7C4220CB.830F87EE-ON85256B41.006F0EFA@pok.ibm.com> > > From: "Jason Crawford" <ccjason@us.ibm.com> > > Date: Mon, 14 Jan 2002 15:19:50 -0500 > > Subject: RE: root of a lock, was HOW_TO_IDENTIFY_LOCK_OWNER > > > > > > > In addition to Geoff's answer: > > > If you are an administrator trying to unlock a resource obtained by > > > someone else, you have to be able to figure out which resource to > > > unlock. You can't unlock an internal member of a collection that's > > > locked by a depth-inifinity lock without knowing which collection was > > > actually locked. > > > > CAN'T? > > (going back to an old discussion...) > > RFC2518, 8.11 says [1]: > > "The UNLOCK method removes the lock identified by the lock token in the > Lock-Token request header from the Request-URI, and all other resources > included in the lock. If all resources which have been locked under the > submitted lock token can not be unlocked then the UNLOCK request MUST fail. > " > > So do we have agreement that *any* of the URIs affected by a deep lock can > be used to do the UNLOCK operation? > > > [1] <http://greenbytes.de/tech/webdav/rfc2518.html#METHOD_UNLOCK> > >
Received on Monday, 8 July 2002 16:44:34 UTC