Return-Path: X-Original-To: apmail-subversion-dev-archive@minotaur.apache.org Delivered-To: apmail-subversion-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6A88410B1A for ; Mon, 3 Jun 2013 23:24:20 +0000 (UTC) Received: (qmail 27841 invoked by uid 500); 3 Jun 2013 23:24:19 -0000 Delivered-To: apmail-subversion-dev-archive@subversion.apache.org Received: (qmail 27810 invoked by uid 500); 3 Jun 2013 23:24:19 -0000 Mailing-List: contact dev-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@subversion.apache.org Received: (qmail 27803 invoked by uid 99); 3 Jun 2013 23:24:19 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jun 2013 23:24:19 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of gstein@gmail.com designates 209.85.212.176 as permitted sender) Received: from [209.85.212.176] (HELO mail-wi0-f176.google.com) (209.85.212.176) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jun 2013 23:24:15 +0000 Received: by mail-wi0-f176.google.com with SMTP id hr14so3214524wib.9 for ; Mon, 03 Jun 2013 16:23:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=4Id0dCGKLODzhvTY1I/OgM0y9dLBEfuLNKq2CIzr7A8=; b=bgFTDdUCy5SmtANmEEA9En5JouKIbCFJJau6vkbh3IRXP4fqDroOaQaMLMFDPLZzg4 W2eg9dIGCGtz4wLKtIbhDSvqBQ0YxmZph1LIOd+70Mjzn9wFuqOG27r6r2TkcMW4Wxx0 l6G65SkDiijVsBnqJaDZNGY7R0/Or7HB2ah1vtA96u8K3qAwb6rcM+5dO1aCg6SOZRQn lFNfE1rBJlDR4U9Di+kDom4+gYIELXleDRSxZpI0pQPeGyx/YDG2rUw8b28O/Z6YmcO7 VkFo6+xYhityqGOS/A3+PqegV86sSazGVds9I2Z1lqGxrkzEO4uWSv5V0txaEZIjE6nt 2dzw== MIME-Version: 1.0 X-Received: by 10.180.21.193 with SMTP id x1mr270593wie.31.1370301834352; Mon, 03 Jun 2013 16:23:54 -0700 (PDT) Received: by 10.194.11.37 with HTTP; Mon, 3 Jun 2013 16:23:54 -0700 (PDT) In-Reply-To: References: <87y5aqgam0.fsf@ntlworld.com> <87txleg82u.fsf@ntlworld.com> Date: Mon, 3 Jun 2013 19:23:54 -0400 Message-ID: Subject: Re: serf error handling for locks without authn From: Greg Stein To: Ben Reser Cc: Philip Martin , Subversion Development Content-Type: text/plain; charset=ISO-8859-1 X-Virus-Checked: Checked by ClamAV on apache.org On Mon, Jun 3, 2013 at 7:10 PM, Greg Stein wrote: > On Mon, Jun 3, 2013 at 6:48 PM, Ben Reser wrote: >... >> I'd argue that we should return a 500 range error since the problem >> here is that the server is not properly configured. There is really > > Nah. 500 means there is nothing the client can do, which isn't quite > accurate. A client *could* go ahead and fill in an Authorization: > header. (tho I don't know if Apache will parse it, without a config > there) > >> nothing a client can do to resolve the issue other than to >> authenticate, which our client is only going to do if the server is >> setup properly. So I'd vote for returning HTTP_INTERNAL_SERVER_ERROR. On IRC, Ben and I tossed this around. The short answer is "the server is not configured to allow a LOCK operation." 501 (Not Implemented) states it is an appropriate status when the server is unable to support the request method. We can also adjust the error string in append_locks() to something like: "Anonymous lock creation is not allowed. The server configuration will not allow a LOCK." That points to the configuration problem. And the 501 is pretty darned close to what we want. As Ben noted on IRC, a 4xx response implies the client got something wrong. The root problem is on the server, and that implies a 5xx response. Cheers, -g