This is for package: jakarta-slide-webdavclient-bin-3.1 In the org.apache.webdav.lib.WebdavResource class, the calls to extension methods (Lock, Unlock, etc) first make a call to URIUtils.encodePath(). This path is sent to each super constructor till it meets HttpMethodbase. HttpMethodBase is able to get access to the queryString, but the path now sent no longer has a ? to split upon. Because of this, calls to GET and PUT accept a queryString (eg: session authentication) but calls to the WebDav extensions (LOCK, UNLOCK) do not. Calling new LockMethod(...) manually does not exhibit this problem, because URIUtils.encodePath() is not called. Is this intentional behavior? If so, why is it only enforced in WebdavResource?