RE: Finding out who locked a resource from Nevermann, Dr., Peter on 2003-02-14 (w3c-dist-auth@w3.org from January to March 2003)

From: Nevermann, Dr., Peter <Peter.Nevermann@softwareag.com>
Date: Fri, 14 Feb 2003 13:22:49 +0100
To: "'Lisa Dusseault'" <lisa@xythos.com>
Cc: "'w3c-dist-auth@w3c.org'" <w3c-dist-auth@w3c.org>
Message-ID: <DFF2AC9E3583D511A21F0008C7E6210605C47D99@daemsg02.software-ag.de>

Interoperability problems with some clients may arise when adding an
DAV:principal-URL element to the DAV:lockdiscovery property.

In the case of Microsoft Office2000 (e.g. Word), I noticed that it depends
on the *order* of the child elements inside the DAV:activelock element. If
the DAV:principal-URL element doesn't come *last*, as in the attached sample
PROPFIND response, Word doesn't seem to send correctly the Lock-Token:
header. This occurs,for example, when creating a new resource: the PUT
request following the LOCK request (which initially created a lock-null
resource) sends Lock-Token: <>.

Regards,
Peter

<?xml version="1.0" encoding="UTF-8"?>
<D:multistatus xmlns:D="DAV:">
<D:response xmlns:D="DAV:">
    <D:href>/taminowebdavserver/mycoll/foo/Hello.doc</D:href>
    <D:propstat>
        <D:prop>
            <D:lockdiscovery>
                <D:activelock>
                    <D:locktype>
                        <D:write />
                    </D:locktype>
                    <D:lockscope>
                        <D:exclusive />
                    </D:lockscope>
                    <D:depth>infinity</D:depth>
                    <D:owner><![CDATA[pn]]></D:owner>
                    <D:principal-URL>
                        <D:href>/users/localhost/davuser</D:href>
                    </D:principal-URL>
                    <D:timeout>Second-60</D:timeout>
                    <D:locktoken>
 
<D:href>opaquelocktoken:a1c232a71a2bfa5f2008fb162ccaecdb</D:href>
                    </D:locktoken>
                </D:activelock>
            </D:lockdiscovery>
        </D:prop>
        <D:status>HTTP/1.1 200 OK</D:status>
    </D:propstat>
</D:response>

</D:multistatus>


Regards,
Peter Nevermann

Software AG, Research & Development
Uhlandstr. 12, D-64297 Darmstadt
+49-6151-92-1828
http://developer.softwareag.com/tamino/
 

> -----Original Message-----
> From: Lisa Dusseault [mailto:lisa@xythos.com]
> Sent: Saturday, February 08, 2003 20:42
> To: Webdav WG
> Subject: Finding out who locked a resource
> 
> 
> 
> 
> One of the things that 2518 didn't try to do, because it had to finish
> in finite time, was to specify exactly how a lock owner is 
> shown. One of
> the problems was there was no way to identify users.
> 
> Now that Access control exists, there is a way to identify users, and
> the problem can be solved much more nicely.  I suggest we add 
> an element
> "principal-URL" to the lock properties. The element is defined in the
> Access control specification, but it would appear inside the 
> "lockinfo"
> element as part of the "lockdiscovery" property.  This wouldn't
> interfere with the "owner" element, which already is used by some
> clients.
> 
> My approach would be to add this to access control, since that will
> probably get this useful element standardized sooner.  "A server MUST
> include the principal-URL element inside the lockinfo element of a
> lockdiscovery property value, if the LOCK request that 
> created the lock
> successfully authenticated as a known principal."
> 
> Lisa
> 
>

Received on Friday, 14 February 2003 07:23:31 UTC