book

WebDAV: Next-Generation Collaborative Web Authoring

by Lisa Dusseault

October 2003

Intermediate to advanced

480 pages

12h 37m

English

Pearson

Read now

Unlock full access

ReadersOrganization of the BookIntroductory MaterialHow WebDAV WorksWebDAV ExtensionsSoftware and Custom ApplicationsReference AppendixesTypographical ConventionsIcons UsedReferencesAcknowledgments
1.1. What Is Authoring?1.1.1. The Bad Old Days1.1.2. Usable but Proprietary Software1.1.3. Web Authoring via Web Forms1.1.4. Multiple Stages Multiply Errors1.2. Third-Generation Web Authoring1.3. WebDAV History1.3.1. The WebDAV Working Group1.3.2. Suggested Requirements1.3.3. W3C Pressure1.3.4. Corporate Pressure1.3.5. The Final Draft1.3.6. Today1.4. Requirements and Scenarios1.5. Extended Example, Concepts, and Terminology1.5.1. Distributed Web Authoring1.5.2. Simple Publishing Process1.5.3. Custom Application Example1.6. What WebDAV Is and Is NotWebDAV Is HTTP: TrueWebDAV Is an API: FalseWebDAV Is a Document Management System: FalseWebDAV Is a Server-to-Server Protocol: FalseWebDAV Is a Network File System for the Internet: TrueWebDAV Is an Appropriate Successor to FTP: TrueWebDAV Is a Microsoft Technology: FalseWebDAV Is a Standard: TrueWebDAV Is a Web Service: Maybe1.7. Roles for WebDAVCM InteroperabilityCommon-Denominator Information RetrievalNetworked File System AccessSource Control Systems1.8. Summary
2.1. A Brief History of Web Authoring2.1.1. HTTP Editing2.1.2. Editing via Remote Login2.1.3. Editing and Copying2.1.4. HTML Editing Tools2.2. Network-Enabled Web Authoring Tools2.2.1. Networking Changes2.2.2. Growth in Team Sizes2.2.3. Early Networked Tools2.2.4. Connected, But Not Interoperable2.3. The Standards Revolution in Web Authoring2.3.1. FrontPage Server Extensions2.3.2. AOLPress2.3.3. Netscape Extensions2.3.4. Amaya/Jigsaw2.4. HTTP, Pre-WebDAV2.4.1. Obvious Missing FeaturesHow to Create a CollectionCopy OperationMove and RenameStandardized Content Listings2.4.2. ETags and the Lost Update Problem2.5. The File Transfer Protocol2.5.1. Missing Functionality2.5.2. Poor Navigation2.5.3. Some Performance Concerns2.5.4. Lessons Learned2.6. WebDAV for Sharing Documents2.6.1. Networked File SystemsNFSSMB and SambaThe Andrew File System2.6.2. Collaborative Authoring via Email2.6.3. Email Attachment SemanticsCopy ProliferationVisibility of ChangesRetrieval on Demand2.7. Summary
3.1. URLs3.1.1. Relative URLs3.1.2. Links3.1.3. URL Escaping3.1.4. Requests to Directories3.2. Message Structure3.2.1. HTTP Requests3.2.2. Header Syntax3.2.3. Required Request Headers3.2.4. HTTP Responses3.2.5. Error Responses3.2.6. Status Code Categories3.2.7. Common Status Codes3.2.8. Message LengthContent-LengthResponses Where Body Must Be EmptyTransfer-EncodingMedia Type Multipart/ByterangesClosing Connection3.3. HTTP Methods3.3.1. GET3.3.2. GET with File System Directories3.3.3. PUT3.3.4. DELETE3.3.5. POST3.3.6. HEAD3.3.7. OPTIONS3.3.8. OPTIONS *3.3.9. TRACE3.3.10. CONNECT3.4. HTTP ETags3.5. Beyond the Request/Response Model3.5.1. Keeping Connections Alive3.5.2. Pipelining3.5.3. Predicting Success for Lengthy Requests3.6. HTTP SecurityUser IdentificationServer IdentificationConfidentiality3.6.1. Basic Authentication3.6.2. Digest Authentication3.6.3. Transport Security3.7. HTTP Headers3.7.1. Accept-Ranges Header3.7.2. Allow Header3.7.3. Authorization Header3.7.4. Accept-* Headers3.7.5. Content-* Headers3.7.6. Conditional Headers3.7.7. Connection Header3.7.8. User-Agent Header3.7.9. Expect Header3.7.10. Cache Control Headers3.7.11. Date3.7.12. Range3.7.13. Location3.7.14. Server3.7.15. Upgrade3.7.16. WWW-Authenticate3.8. Summary
4.1. Basic Components4.2. URLs and WebDAV Resources4.2.1. Root URL4.2.2. Path Hierarchy4.2.3. URL Uniqueness4.3. Using the HierarchyDepth 0Depth InfinityDepth 14.4. MetadataProperty Values4.4.1. Live and Dead Properties4.4.2. Required Live Properties4.4.3. MOVE, COPY, and Properties4.4.4. Property Names4.4.5. Property Namespaces4.4.6. Property Values4.4.7. Internationalization4.5. Locks4.5.1. Locks and the Lost Update Problem4.5.2. Lock Permissions4.5.3. Locks and Read Operations4.5.4. Locks vs. Access Control4.5.5. Lock Owners4.5.6. Lock Timeout and Lock Refresh4.5.7. Locks Are Not Transactions4.5.8. Removing Locks4.5.9. Depth Locks: Locking Collections4.5.10. Shared Locks4.6. Summary
5.1. WebDAV URLs and Feature Discovery5.1.1. Discovering WebDAV Support5.1.2. URLs to Collections5.1.3. Deconstructing WebDAV URLs5.1.4. Limits to HTTP URL Decomposition5.1.5. Finding the Repository Root with OPTIONS5.2. New Response Status Codes5.3. GET5.3.1. Getting Collections5.3.2. Resource Integrity5.3.3. How to Retrieve Source Code5.4. PUT5.4.1. Partial PUT5.4.2. Avoiding Lost Updates5.4.3. Creating New Resources Safely5.4.4. Generating Unique URLs5.4.5. Pipelining5.4.6. PUT and Collections5.5. DELETE5.5.1. Multi-Status ResponseURLs in Multi-StatusSuccesses in Multi-StatusPermissions Failures in Multi-Status5.5.2. Handling XML BodiesFormatting of href ElementsFormatting of status ElementsDon't Forget PrefixesHandling Extensions5.5.3. Atomicity5.5.4. Destroy Data or Move to Trash?5.5.5. Operations on Addresses or Resources5.6. Summary
6.1. Why WebDAV Defines New Methods6.2. MKCOL: Create Collection6.2.1. MKCOL and the Allow Header6.2.2. Status Codes for MKCOL6.3. MOVE6.3.1. Destination Header6.3.2. Depth Header6.3.3. Depth noroot Extension6.3.4. The Overwrite Header6.3.5. Status Codes for MOVE6.3.6. 102 Processing Response6.3.7. The Multi-Status Response6.3.8. Specifying Property Value Behavior6.4. COPY6.4.1. MOVE = COPY + DELETE?6.4.2. Depth and COPY6.4.3. Status Codes for COPY6.5. Summary

7.0.1. HTML and HTTP Metadata7.1. Property Representation7.1.1. Basic Property Value Example7.1.2. Property Name Only7.1.3. Empty Property Values7.1.4. Making Property Values SafeEncapsulationCharacter Escaping7.1.5. Storing Property Value Text7.1.6. Whitespace7.1.7. Internationalization7.1.8. XML-Valued Properties7.1.9. Date and Time PropertiesTimestamp Interoperability Challenges7.2. PROPFIND7.2.1. PROPFIND Request7.2.2. PROPFIND Response7.2.3. Reporting Errors in PROPFIND Responses7.2.4. Finding the Names of Properties7.2.5. AllProp Is Not What It Seems7.2.6. Large Response Bodies7.3. PROPPATCH7.3.1. PROPPATCH Request7.3.2. Implementing Atomic Requests7.3.3. PROPPATCH Response7.3.4. PROPPATCH Response with Failures7.3.5. PROPPATCH to Nonexistent Resource7.4. How Properties Are Stored7.5. Required Properties7.5.1. creationdate7.5.2. displayname7.5.3. getcontentlanguage7.5.4. getcontentlength7.5.5. getcontenttype7.5.6. getetag7.5.7. getlastmodified7.5.8. resourcetype7.5.9. source7.6. Summary
8.1. Lock Tokens8.2. LOCK Method8.2.1. Creating a Lock8.2.2. Locking a CollectionDepth InfinityDepth 08.2.3. Creating Lock-Null Resources8.2.4. Refreshing a Lock8.2.5. Lock Timeout8.2.6. Use of the Lock Owner Element8.2.7. Special Status Codes for LOCK8.3. UNLOCK Method8.3.1. Removing Another User's Lock8.3.2. Special Response Codes for UNLOCK8.4. Using Locked Resources8.4.1. Overwriting a Single Locked Resource8.4.2. If Header Features8.4.3. Untagged Token Lists8.4.4. Untagged Token List and OR8.4.5. Untagged Lists on Requests Covering Multiple Resources8.4.6. Tagged Token Lists8.4.7. If and Not8.4.8. No-tag-list Productions8.4.9. Tagged List Productions8.4.10. Matching Tokens to Indirectly Locked Resources8.4.11. Matching Tokens to Unmapped URLs8.4.12. Adding a Resource to a Locked Collection8.4.13. Comments on the If HeaderConfuses Two PurposesComplete Boolean Logic Not PossibleIgnored ClausesAdvanced Syntax Is Not Used MuchHeader May Be Too Long to Be Transmitted Correctly8.5. Lock-Related Properties8.5.1. lockdiscovery8.5.2. supportedlock8.6. Client Responsibilities8.6.1. Why Client Software Must Store Lock Tokens8.6.2. Renew Often, Renew Early, Unlock Promptly8.6.3. Verifying Lock Persistence8.6.4. Managing Deadlocks8.6.5. Handling Lock-Null Resources8.6.6. Using Shared LocksAdvisory LocksRead LocksSharing Locks Among ProcessesCustom Locking8.7. Lock Interactions8.7.1. Adding Resources8.7.2. Modifying Locked Resources8.7.3. Deleting8.7.4. MOVE and Locks8.8. Problems with Lock-Null Resources8.8.1. Poor Implementation Support8.8.2. Lock-Null Resources Behave Poorly in Name Collisions8.8.3. Detecting Lock-Null Resource Creation8.8.4. Lock-Null Resources Disappear in Collection Moves8.8.5. Lock-Null Resources May Not Be Destination of a COPY8.8.6. Solving Too Many ProblemsOverwriting CollectionsReserving New Collection for Property UpdatesCleaning Up Lock-Null Resources May Be Difficult8.8.7. A Simpler Approach: Locked Empty Resources8.9. Summary
9.1. Scenario Walk-Through9.2. Open Web Folder9.2.1. Unauthenticated RequestInteresting Standard HeadersNonstandard Translate Header9.2.2. Authentication ChallengeAuthentication ChallengeError Response Body9.2.3. Authenticated PROPFIND9.2.4. Collection Properties ResponseAllprop ResponseDatatype Attribute and NamespaceCookies9.2.5. Directory Contents ListingDepthCookieNonstandard Properties9.2.6. Directory Contents Response9.2.7. Navigation9.3. Create a Folder9.3.1. MKCOL9.3.2. New Folder PropertiesString Escaping9.3.3. Collection Name Change9.4. Create a New File9.4.1. LOCK Creates New ResourceOwnerMissing Content-Type HeaderUser-AgentTwo-Minute Lock9.4.2. Creation of Lock-Null Resource201. CreatedLock Token TwiceTimeout9.4.3. First Upload RequestMissing Content-Type9.4.4. Server Saves File9.4.5. Confirm File Upload9.5. Editing a File9.5.1. Automatic Lock Refresh9.5.2. User Action to Save File9.6. Close the File9.6.1. UNLOCK9.7. Copy to Publishing Directory9.7.1. COPY File to Publish Location9.7.2. Delete Working CopyDestroy Header9.8. Publish Document9.8.1. Browser Request for WebDAV Resource9.8.2. Setting Publish Property9.8.3. OPTIONSKeep-AliveConnection: TE, Keep-AliveTE: Trailers9.8.4. OPTIONS ResponseDAV HeaderDASL HeaderMS-Author-Via Header9.8.5. Setting a PropertyNo CookiesNo PrefixesDigest Details9.8.6. PROPPATCH Response9.9. Summary
10.1. Client SoftwareStand-Alone WebDAV ExplorerMounted Drive ClientAuthoring Applications Using WebDAV for Primary StorageAuthoring Applications Using WebDAV to PublishApplications Using WebDAV to Store Custom Shared DataSite Management Tools10.1.1. Microsoft Web Folders and OfficeStand-Alone Web FoldersOffice 2000Other ApplicationsHow to Get Web FoldersWeb Folders LimitationsServer Support for Web Folders10.1.2. Windows XP WebDAV Redirector10.1.3. Mac OS X WebDAV-FS10.1.4. Adobe Authoring, Graphics, and Web Design Products10.1.5. Xythos WebFile Client10.1.6. kStore Explorer10.1.7. Goliath for Macintosh10.1.8. Dreamweaver 410.1.9. WebDrive10.1.10. XML Spy10.1.11. DAV Explorer10.1.12. Davfs10.1.13. Cadaver10.1.14. DAVe10.2. Server Software10.2.1. Microsoft Internet Information Server10.2.2. Apache and mod_dav10.2.3. Microsoft Exchange 2000New Properties and NamespacesPUT Can Send EmailPOST Can Create ResourcesPROPPATCH Can Create ResourcesData TypesSubscription/Notification SupportRanged Row RequestsSQL SearchMKCOL Request BodyAccess Control10.2.4. Xythos WebFile Server10.2.5. DAV4J10.2.6. Tamino WebDAV Server10.2.7. Microsoft SharePoint Portal Server10.2.8. Other Known Servers10.3. Services10.3.1. Apple iDisk10.3.2. IBackup10.3.3. My Docs Online10.4. Compliance Tests10.4.1. Litmus10.5. Summary
11.1. Introduction to Versioning11.1.1. Simple Problems11.1.2. Versioning and Backup Functionality11.1.3. Basic Versioning Components11.1.4. DeltaV Data Model11.2. Core Versioning11.2.1. Version-Controlled Resources11.2.2. Versions11.2.3. Core Versioning Model11.2.4. Accessing Versions11.2.5. Viewing All Versions11.2.6. Turning on Versioning11.3. Editing Version-Controlled Resources11.3.1. CHECKOUT and CHECKIN11.3.2. CHECKOUT and Checked-Out VCRs11.3.3. Editing a Checked-Out Resource11.3.4. CHECKIN and Checked-In VCRs11.3.5. UNCHECKOUT11.4. Labels11.4.1. Managing Many Versions with Labeling11.4.2. Modifying Label Values11.4.3. The Label Header11.5. Using Existing WebDAV Methods with Versioning11.5.1. DELETE11.5.2. Version History Resources11.5.3. COPY11.5.4. MOVE11.6. Using Non-DeltaV Clients11.6.1. Read Operations and UPDATE11.6.2. Auto-Version: Enabling Write Operations11.6.3. Locking11.6.4. “Safe Save” Problems with Existing Clients11.7. Version Trees11.7.1. Forking11.7.2. Creating ForksUsing UPDATEEditing Predecessor-Set11.7.3. Avoiding Forks11.7.4. Simple Merge11.7.5. Are Forks Permitted?11.8. Multiple Checkouts with Working Resources11.8.1. Creating Working Resources11.8.2. Editing a Working Resource11.8.3. CHECKIN a Working Resource11.8.4. Working Resources Create Forks11.8.5. Checking Out Other Versions11.9. Checkout Determinism11.9.1. How to Tell If a Checkout Exists11.9.2. How to Tell If a Resource Can Be Checked Out11.10. DeltaV Special Mechanisms11.10.1. REPORT Method11.10.2. Error Reporting11.10.3. Feature Discovery by OPTIONS Body11.10.4. Feature Discovery Properties11.10.5. Live Property RequirementsConfiguration Live PropertiesSupporting Unsupported Live PropertiesAllprop Semantics Changed11.11. Summary
12.1. Workspaces12.1.1. Workspace Model12.1.2. Finding or Creating a Workspace12.1.3. Linking Resources into Workspaces12.1.4. Working in Workspaces12.2. Change Sets12.2.1. Checking Out to an Activity12.2.2. Creating Activities12.3. Branches12.3.1. Switching Activities12.3.2. Combining Atomic Checkin with Named Branches12.4. MERGE12.4.1. Merge Rules12.4.2. Client-Managed Merge12.4.3. Server-Managed Merge12.4.4. How Content Is Combined in Merges12.4.5. Merging, Activities, and Workspaces12.5. History of Multiple Resources12.5.1. Baselines12.5.2. Configurations and Subconfigurations12.5.3. Collection Membership Versioning12.5.4. Working Collections12.6. Other Feature Interactions12.7. DeltaV Features and Packages12.7.1. Basic Features12.7.2. Advanced Features12.7.3. Core Versioning Package12.7.4. Client Workspace Package12.7.5. Server Workspace Package12.7.6. Feature Dependencies12.8. Summary
13.0.1. Prior Approaches13.1. What Is Access Control?13.1.1. Access Control Model13.2. Getting Access Control Information13.2.1. Principal URLs13.2.2. Identifying a Resource Owner13.2.3. Getting ACLs13.2.4. Privileges Vary13.2.5. Standard Privileges13.2.6. Privilege Composition13.2.7. Finding Current User's Permissions13.3. Setting Access Control Information13.3.1. Setting ACL13.3.2. Semantic Complications13.4. Principals13.4.1. Finding Principal Information13.4.2. Finding Group Membership13.4.3. Shortcut for Displaying Principals from ACLs13.4.4. Who Am I?13.4.5. Browsing Principals13.4.6. Searching Principals13.5. Standardization Challenges13.5.1. User Databases13.5.2. Multiple Access Protocols13.6. Summary
14.1. Online Photo Album14.1.1. Application Overview14.1.2. Existing Architecture14.1.3. WebDAV for Photo Authoring14.1.4. Gateway Model14.1.5. Lessons LearnedA Web-Based ServiceAuthoring Applications Natively SupportedFlexible Metadata SupportDocument-Oriented StorageNative Support for Document Management14.2. Email and Calendaring14.2.1. Web and Internet Standards in Exchange14.2.2. “Webifying” Exchange 200014.2.3. OWA14.2.4. How OWA Uses WebDAV14.2.5. Hotmail and Web Infrastructure14.2.6. Outlook Express14.2.7. Scalability14.2.8. Integration Challenges14.2.9. Lessons LearnedWeb AddressesLower Application Development CostsWeb InfrastructureDocument-Oriented StorageFlexible Metadata SupportXML Stylesheets Work with WebDAVSupport for Remote Document ManagementSupport for Multiple AuthorsStateless vs. Connection-Oriented14.3. Presence and Instant Messaging14.3.1. Instant-Messaging RequirementsSending Instant MessagesFile SharingMultiple Clients14.3.2. PresenceSensitivity of Presence InformationBuddy Lists14.3.3. Could WebDAV Do Instant Messaging?14.3.4. Appropriate Use of WebDAVStoring Buddy Lists and Access ControlFile SharingStoring Offline Messages14.3.5. Lessons LearnedOnly Clients Make Requests in WebDAVWebDAV Can Be a Component of a SolutionThe Storage Model Is a Necessary Feature of WebDAVCompliance Means All Methods14.4. Pacific National Laboratories14.4.1. Overview14.4.2. Example Problem-Solving Environment14.4.3. Solution Requirements14.4.4. Solution Choices14.4.5. Mapping Database Schemas to WebDAV Storage14.4.6. Results14.4.7. Lessons LearnedHigher PerformanceGreater Disk Space RequiredLower Cost Than OODBSupport for Web AccessWebDAV Is Easy to Work WithSecurity Was MaintainedNo Transaction SupportContinual Improvement Possible14.5. Other Application Ideas14.6. Summary
15.1. Metadata Usage15.1.1. Choosing a Namespace15.1.2. Property Names15.1.3. Property ValuesComplex Values15.1.4. Property Location15.1.5. Group Resources in Collections15.1.6. Use WebDAV for Global Information15.1.7. Handling Multiple Document Schemas15.2. Performance Considerations15.2.1. Minimizing Unnecessary Requests15.2.2. Keeping Connections Alive15.2.3. Multiple Connections15.2.4. Minimizing Server Load15.3. Security ConsiderationsBasic AuthenticationDigest AuthenticationSSL and TLSAuthorization and Access Control15.4. Technology Considerations15.4.1. Choice of Framework Software15.4.2. Choice of XML Parser15.4.3. Libraries and APIsJavaPythonPerl15.4.4. XML Stylesheet Language and TransformationsDisplaying PROPFIND ResultsTransforming Incoming Documents15.4.5. XMLHTTP15.5. Deployment Considerations15.5.1. Migrating Existing RepositoriesMigrating DataWrapping an Existing Repository15.5.2. Synchronizing Sites and Collections15.6. Summary
A.1. Supporting Legacy Windows ApplicationsA.2. Internet Explorer TipsA.2.1. Open Web Folders with Link in IEA.2.2. Open Web Folders with Script in IEA.2.3. XMLHTTP in Web Page ScriptsA.2.4. VBScript and XMLHTTPA.2.5. JavaScript and XMLHTTPA.3. Microsoft WebDAVA.3.1. Microsoft Row Extension to Range HeaderA.3.2. Property Name and Namespace ConcatenationA.3.3. SQL SEARCH SyntaxBuilding SQL Statements
B.1. Informational Status CodesB.1.1. 100 ContinueB.1.2. 101 Switching ProtocolsB.1.3. 102 ProcessingB.2. Success Status CodesB.2.1. 200 OKB.2.2. 201 CreatedB.2.3. 202 AcceptedB.2.4. 203 Non-Authoritative InformationB.2.5. 204 No ContentB.2.6. 205 Reset ContentB.2.7. 206 Partial ContentB.2.8. 207 Multi-StatusB.3. Redirect Status CodesB.3.1. 300 Multiple ChoicesB.3.2. 301 Moved PermanentlyB.3.3. 302 Found or 302 Moved TemporarilyB.3.4. 303 See OtherB.3.5. 304 Not ModifiedB.3.6. 305 Use ProxyB.3.7. 306 (Unused)B.3.8. 307 Temporary RedirectB.4. Client Failure Status CodesB.4.1. 400 Bad RequestB.4.2. 401 UnauthorizedB.4.3. 402 Payment RequiredB.4.4. 403 ForbiddenB.4.5. 404 Not FoundB.4.6. 405 Method Not AllowedB.4.7. 406 Not AcceptableB.4.8. 407 Proxy Authentication RequiredB.4.9. 408 Request Time-outB.4.10. 409 ConflictB.4.11. 410 GoneB.4.12. 411 Length RequiredB.4.13. 412 Precondition FailedB.4.14. 413 Request Entity Too LargeB.4.15. 414 Request-URI Too LargeB.4.16. 415 Unsupported Media TypeB.4.17. 416 Requested Range Not SatisfiableB.4.18. 417 Expectation FailedB.4.19. 418-421B.4.20. 422 Unprocessable EntityB.4.21. 423 LockedB.5. Server Failure Status CodesB.5.1. 500 Internal Server ErrorB.5.2. 501 Not ImplementedB.5.3. 502 Bad GatewayB.5.4. 503 Service UnavailableB.5.5. 504 Gateway TimeoutB.5.6. 505 HTTP Version Not SupportedB.5.7. 507 Insufficient Storage
IETF Documents: RFCsMicrosoft Support Articles

Overview

WebDAV: Next-Generation Collaborative Web Authoring is the complete guide to Web-based Distributed Authoring and Versioning (WebDAV), the IETF standard for Web authoring and wide area collaboration. Experienced implementer Lisa Dusseault covers WebDAV from bits on the wire up to custom application implementation, demonstrating with extensive examples and traces from real clients and servers. Coverage includes: practical rules for building WebDAV document management systems; step-by-step, Internet Explorer compatible sample applications; and the latest WebDAV tools. For application designers, software engineers, and information managers.