Finding out who locked a resource

One of the things that 2518 didn't try to do, because it had to finish
in finite time, was to specify exactly how a lock owner is shown. One of
the problems was there was no way to identify users.

Now that Access control exists, there is a way to identify users, and
the problem can be solved much more nicely.  I suggest we add an element
"principal-URL" to the lock properties. The element is defined in the
Access control specification, but it would appear inside the "lockinfo"
element as part of the "lockdiscovery" property.  This wouldn't
interfere with the "owner" element, which already is used by some
clients.

My approach would be to add this to access control, since that will
probably get this useful element standardized sooner.  "A server MUST
include the principal-URL element inside the lockinfo element of a
lockdiscovery property value, if the LOCK request that created the lock
successfully authenticated as a known principal."

Lisa

Received on Saturday, 8 February 2003 14:42:14 UTC