Re: [Bug 23] lock discovery vs shared locks from Lisa Dusseault on 2005-11-16 (w3c-dist-auth@w3.org from October to December 2005)

From: Lisa Dusseault <lisa@osafoundation.org>
Date: Wed, 16 Nov 2005 09:11:11 -0800
To: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
Cc: " webdav" <w3c-dist-auth@w3.org>
Message-Id: <26184f4d8cb12e826aa55c943ec9616d@osafoundation.org>
I agree there's a fair argument for allowing servers not to put lock 
tokens in lockdiscovery all the time.  I can clarify the text there 
because there certainly isn't a consensus to require servers to do 
that.

We could, however, treat the LOCK (create lock) response slightly 
differently, and require that the body contains the lockdiscovery 
property *including* the new lock token -- a special case to handle 
those clients that had problems at Interop tests.

Lisa

On Nov 16, 2005, at 8:11 AM, Geoffrey M Clemm wrote:

>
> Some of the reasons why a server does not include the lock-token:
> - all locks time-out in a reasonable period of time, and so no 
> explicit unlock is needed/supported
> - only the owner/admin is allowed to do the unlock, so the lock-token 
> is only exposed to a client that is authenticated as being either the 
> owner or the admin
>
> Cheers,
> Geoff
>
> Lisa Dusseault <lisa@osafoundation.org> wrote on 11/16/2005 10:41:25 
> AM:
>
>  > That's fine with me too. �So does this mean that lockdiscovery 
> property
>  > (if readable) MUST contain all the locks and all their lock tokens? 
> �
>  > Does that mean that in reply to a LOCK request which successfully
>  > creates a new lock, the server MUST include the full lockdiscovery
>  > property including not just the new lock but also other locks?
>  >
>  > Lisa
>  >
>  > On Nov 15, 2005, at 8:40 PM, Geoffrey M Clemm wrote:
>  >
>  > >
>  > > Sorry, I misread your message. �The text that I was objecting to 
> was
>  > > the clauses:
>  > >
>  > > > if there were a client bug, a crash, a LOCK reply "lost in the 
> mail"
>  > >
>  > > in:
>  > >
>  > > > servers SHOULD provide lock tokens for all locks so
>  > > �> that if there were a client bug, a crash, a LOCK reply "lost 
> in the
>  > > �> mail", or a need for an owner or administrator to remove 
> somebody
>  > > else's
>  > > �> stale lock.
>  > >
>  > > but the text you were proposing was just:
>  > >
>  > > > �"Anyone can
>  > > �> � find out anyone else's lock token by performing lock 
> discovery."
>  > >
>  > > which is fine. �I'd prefer making that explicit (e.g. "A lock 
> token
>  > > discovered by a client via lock discovery SHOULD NOT be used by 
> that
>  > > client for anything other than an UNLOCK request, even if the user
>  > > is authenticated as owning that lock"), but I don't insist that 
> this
>  > > be added (as long as the converse is not added :-).
>  > >
>  > > Cheers,
>  > > Geoff
>  > >
>  > >
>  > > Lisa Dusseault <lisa@osafoundation.org> wrote on 11/15/2005 
> 10:59:10
>  > > PM:
>  > >
>  > > �> I agree with you, but isn't the client supposed to UNLOCK by 
> using
>  > > the
>  > > �> lock token? �If so then how does it learn it... ?
>  > > �>
>  > > �> Lisa
>  > > �>
>  > > �> On Nov 15, 2005, at 7:53 PM, Geoffrey M Clemm wrote:
>  > > �>
>  > > �> >
>  > > �> > I can only repeat what I posted a few weeks ago ... a client
>  > > should
>  > > �> > never steal a lock taken out by an earlier client by 
> re-using the
>  > > �> > lock token of that earlier client ... it should do so by
>  > > UNLOCK'ing
>  > > �> > the resource and requesting its own lock. �That way if the
>  > > original
>  > > �> > lock owner is still alive or comes back to life, the earlier
>  > > client's
>  > > �> > attempt to use the original lock token to update the 
> resource will
>  > > �> > fail,
>  > > �> > thus preventing the changes made by the later client from 
> being
>  > > �> > overwritten.
>  > > �> >
>  > > �> > So I object to the text in the current draft, because it
>  > > encourages
>  > > �> > clients to do the wrong thing, and encourages servers to 
> support
>  > > �> > clients
>  > > �> > doing the wrong thing.
>  > > �> >
>  > > �> > Cheers,
>  > > �> > Geoff
>  > > �> >
>  > > �> >
>  > > �> > w3c-dist-auth-request@w3.org wrote on 11/15/2005 09:13:51 PM:
>  > > �> >
>  > > �> > �>
>  > > �> > �> I'm still concerned about a possible inconsistency here.
>  > > �Sorry if
>  > > �> > I'm �
>  > > �> > �> being dense, but I thought that we had a previous 
> consensus (a
>  > > long
>  > > �> > �
>  > > �> > �> time ago) that servers SHOULD provide lock tokens for all
>  > > locks so
>  > > �> > that �
>  > > �> > �> if there were a client bug, a crash, a LOCK reply "lost 
> in the
>  > > �> > mail", �
>  > > �> > �> or a need for an owner or administrator to remove somebody
>  > > else's
>  > > �> > stale �
>  > > �> > �> lock. �Some text currently in the draft to that extent:
>  > > �> > �>
>  > > �> > �> � �"Anyone can
>  > > �> > �> � � find out anyone else's lock token by performing lock
>  > > discovery."
>  > > �> > �>
>  > > �> > �> So given that implies that lock discovery can find out 
> all lock
>  > > �> > tokens �
>  > > �> > �> (given permission), and that the lockdiscovery property is
>  > > returned
>  > > �> > in �
>  > > �> > �> the LOCK response body, doesn't that mean that the lock 
> token
>  > > is �
>  > > �> > �> returned both in the LOCK response headers (Lock-Token) 
> and
>  > > body?
>  > > �> > �>
>  > > �> > �> Also, we had previously discussed at an interop which is 
> the
>  > > �> > "right" �
>  > > �> > �> place to put the lock token and concluded that servers 
> ought
>  > > to put
>  > > �> > the �
>  > > �> > �> token in both places because we found during 
> interoperability
>  > > �> > testing �
>  > > �> > �> that we had clients that looked in one place, and other 
> clients
>  > > �> > that �
>  > > �> > �> looked in the other, so we might as well continue 
> supporting
>  > > both.
>  > > �> > �>
>  > > �> > �> Lisa
>  > > �> > �>
>  > > �> > �> On Nov 6, 2005, at 12:09 PM, Julian Reschke wrote:
>  > > �> > �>
>  > > �> > �> >
>  > > �> > �> > For the record,
>  > > �> > �> >
>  > > �> > �> > I don't think that the recent discussion has brought up 
> any
>  > > new
>  > > �> > points �
>  > > �> > �> > that need to be said here, so I'd like to again 
> recommend to
>  > > �> > close the �
>  > > �> > �> > issue with the following change (as seen in �
>  > > �> > �> >
>  > > <http://lists.w3.org/Archives/Public/w3c-dist-auth/2005OctDec/
>  > > �> > �> > 0242.html>).
>  > > �> > �> >
>  > > �> > �> > Proposed resolution for �
>  > > �> > �> > 
> <http://ietf.cse.ucsc.edu:8080/bugzilla/show_bug.cgi?id=23>:
>  > > [...]
>  > > �> > �> >
>  > > �> > �> > NEW:
>  > > �> > �> > � �A lock token is a type of state token, represented 
> as a
>  > > URI,
>  > > �> > which
>  > > �> > �> > � �identifies a particular lock. �Each lock has exactly 
> one
>  > > �> > unique lock
>  > > �> > �> > � �token, which is returned upon a successful LOCK 
> creation
>  > > �> > operation �
>  > > �> > �> > in
>  > > �> > �> > � �the "Lock-Token" response header defined in Section 
> 9.6.
>  > > �> > �> >
>  > > �> > �> >
>  > > �> > �> > Best regards, Julian
>  > > �> > �> >
>  > > �> > �>
>  > > �> > �>
Attachments

text/enriched attachment: stored
Received on Wednesday, 16 November 2005 17:11:28 UTC