- From: Nevermann, Dr., Peter <Peter.Nevermann@softwareag.com>
- Date: Fri, 14 Feb 2003 13:22:49 +0100
- To: "'Lisa Dusseault'" <lisa@xythos.com>
- Cc: "'w3c-dist-auth@w3c.org'" <w3c-dist-auth@w3c.org>
Interoperability problems with some clients may arise when adding an DAV:principal-URL element to the DAV:lockdiscovery property. In the case of Microsoft Office2000 (e.g. Word), I noticed that it depends on the *order* of the child elements inside the DAV:activelock element. If the DAV:principal-URL element doesn't come *last*, as in the attached sample PROPFIND response, Word doesn't seem to send correctly the Lock-Token: header. This occurs,for example, when creating a new resource: the PUT request following the LOCK request (which initially created a lock-null resource) sends Lock-Token: <>. Regards, Peter <?xml version="1.0" encoding="UTF-8"?> <D:multistatus xmlns:D="DAV:"> <D:response xmlns:D="DAV:"> <D:href>/taminowebdavserver/mycoll/foo/Hello.doc</D:href> <D:propstat> <D:prop> <D:lockdiscovery> <D:activelock> <D:locktype> <D:write /> </D:locktype> <D:lockscope> <D:exclusive /> </D:lockscope> <D:depth>infinity</D:depth> <D:owner><![CDATA[pn]]></D:owner> <D:principal-URL> <D:href>/users/localhost/davuser</D:href> </D:principal-URL> <D:timeout>Second-60</D:timeout> <D:locktoken> <D:href>opaquelocktoken:a1c232a71a2bfa5f2008fb162ccaecdb</D:href> </D:locktoken> </D:activelock> </D:lockdiscovery> </D:prop> <D:status>HTTP/1.1 200 OK</D:status> </D:propstat> </D:response> </D:multistatus> Regards, Peter Nevermann Software AG, Research & Development Uhlandstr. 12, D-64297 Darmstadt +49-6151-92-1828 http://developer.softwareag.com/tamino/ > -----Original Message----- > From: Lisa Dusseault [mailto:lisa@xythos.com] > Sent: Saturday, February 08, 2003 20:42 > To: Webdav WG > Subject: Finding out who locked a resource > > > > > One of the things that 2518 didn't try to do, because it had to finish > in finite time, was to specify exactly how a lock owner is > shown. One of > the problems was there was no way to identify users. > > Now that Access control exists, there is a way to identify users, and > the problem can be solved much more nicely. I suggest we add > an element > "principal-URL" to the lock properties. The element is defined in the > Access control specification, but it would appear inside the > "lockinfo" > element as part of the "lockdiscovery" property. This wouldn't > interfere with the "owner" element, which already is used by some > clients. > > My approach would be to add this to access control, since that will > probably get this useful element standardized sooner. "A server MUST > include the principal-URL element inside the lockinfo element of a > lockdiscovery property value, if the LOCK request that > created the lock > successfully authenticated as a known principal." > > Lisa > >
Received on Friday, 14 February 2003 07:23:31 UTC