Thanks for the reply! >From what I can see in the thread you referred to, they do not verify that they have access rights!
You where right about the lock-token! In the case where a user asks for a lock-token (lockdiscovery or propfind) on a resource where another user took out the lock - the locktoken will be: opaquelocktoken:faketoken! However this response does not seem to be described in the webdav or the deltaV documentation! Is this slide sprcific?? Basically what I need is some command the verifies write-access to a resource! Are there any commands beside PUT and PROPPATCH that are denied when a lock is taken on a resource? /Jacob -----Original Message----- From: Andreas Probst [mailto:[EMAIL PROTECTED]] Sent: 8. oktober 2002 13:36 To: Slide Users Mailing List Subject: RE: Verifying access Hi Jacob, I think Slide2 gives you the lock token only if the client user is the one that locked a resource. Otherwise an opaque lock token is returned. So if you get a proper lock token and the logged-in user has write permission, you should be able to write the resource. I did not test this, but I wrote a servlet that unlocks a locked resource by using Slide client methods to connect to Slide's WebdavServlet. This works only if the logged-in user was the one that locked the resource before. Maybe the following archived discussion helps you. Get it by sending an e-mail to [EMAIL PROTECTED] Andreas On 8 Oct 2002 at 11:53, Jacob Lund wrote: > Sorry for reposting - but I cannot believe that I am the only one > having this problem! > > What I have is a client that can "reconnect" to a locked resource! > This is interesting if the client or server crashes and the need to > reconnect afterward! I do not wish to store additional info about the > lock on the server or the client! > > Therefore I need to retrieve the locktoken and then try to see if I > can access the resource! The only way, that I could think of, is to > try and add/remove a property on the resource - and thereby verify > that I have write-access to the resource! > > Is this the way all of you do this, or am I missing something? > > Thanks > Jacob > > -----Original Message----- > From: Jacob Lund [mailto:[EMAIL PROTECTED]] > Sent: 4. oktober 2002 12:28 > To: [EMAIL PROTECTED] > Subject: Verifying access > > > Hi, > > How do I check if I have access to a given resource, in case it has a > lock on it? > > I have a resource with an exclusive lock on it, and now I want to > check it I have access to this resource! > > What I do is retrieve the lock-token and now I need to check if the > user owns this lock! I then add this lock-token to a request header > and then test if I can operate on the resource by adding a new > meta-tag and then remove it again! > > But is there an easier way to verify if current user owns the lock on > a given resource? > > /Jacob > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
