- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Wed, 05 Nov 2008 23:01:31 +0100
- To: John Meissen <john@meissen.org>
- CC: litmus@lists.manyfish.co.uk, WebDAV <w3c-dist-auth@w3.org>
John Meissen wrote: >> No, I don't think this would be correct. >> >> If a server doesn't allow shared locks, it should reject the request. >> That's it. >> >> And yes, making Litmus smarter with respect to shared lock functionality >> would be good. >> >> Best regards, Julian >> > > On the other hand, while there is explicit language detailing what other > conditions constitute failure there is nothing about shared vs exclusive. > And it's not clear to me that any of the listed potential responses would > fit such a failure. That list is not exhaustive. From <http://greenbytes.de/tech/webdav/rfc4918.html#rfc.section.9.11.1>: "In addition to the general status codes possible, the following status codes have specific applicability to UNLOCK:" In general, when a client sends a request, and the server can't fulfill it, it has to return an appropriate failure code, and *not* do something else. The timeout value is a special case, and that's why the spec says so. > Conceptually, the server is being asked to lock a resource and also allow > other clients to lock it. I'm willing to grant a lock to this client, but > I won't allow other clients to also lock it. In which case you need to fail the request, and then the client can retry an exclusive lock. > If a client cared about the lock scope they would retrieve the > lockdiscovery property first to find out whether shared locks are > supported. I suspect that most clients will neither note nor care about That is not true. I personally have written a client that assumes that success means success, and this works with all the servers I've tested against back then (those that do support shared locks, and those that don't). Your interpretation is creative, but it would be your job to prove that you're not introducing an interop problem for those clients that want shared locks. (and you do). > this distinction, and would only be aware that they were unable to lock > the resource (as I encountered with litmus). Yes, that's an example that misleading test suites can cause implementors to make the wrong choices. Shared locks are optional, so Litmus should just state that the server doesn't support them, instead of misleading implementers to do the wrong thing. > I real-world situations it would seem to me preferrable to grant a lock > of the supported type rather than fail the request. It will almost certainly > make no difference to the requesting client, where to do otherwise has > the potential to break existing applications. Sorry, but that is nonsense. If it doesn't make a difference, the client wouldn't have asked for a shared lock in the first place. If it does make a difference, the client would have either checked DAV:supportedlock first, and then made a choice, or just tried and checked for the status code. This works today with Apache/mod_dav, Slide, Jackrabbit, SAP KM, Xythos and Microsoft IIS. BR, Julian
Received on Wednesday, 5 November 2008 22:08:56 UTC