"What should UNLOCK return if a bad token is provided or no token. (This 
might be contingent on UNLOCK_NEEDS_IF_HEADER.)"

I just tested this, here are the results (test script attached):

(a) Microsoft IIS 5.0: (a1) no lock token: 400, (a2) bad lock token: 412.

(b) Apache/Moddav 2.0.49: (b1) no lock token: 400, (b2): bad lock token: 

(c) SAP Enterprise Portal 5SP6: (c1) no lock token: 412, (c2): bad lock 
token: 412.

(d) Xythos (Sharemation): see (c). (I also note that Xythos is returning 
invalid lock tokens)


- we can't guarantee a specific status code,

- we should define a specific precondition (see proposal at 

- we should talk about what is the right thing to do here -- basically 
we need to answer whether "lock-token" is a request header that 
contributes to precondition checking as defined by RFC2616 
(<>) -- if we 
can agree on this, Apache/moddav's behaviour would be correct.

Feedback appreciated,


<green/>bytes GmbH -- -- tel:+492512807760

Received on Sunday, 6 June 2004 15:29:06 UTC