For some WebDAV requests we get a 207 Multistatus returned when we would expect a 403 Forbidden. Steps to reproduce: - incoming request is MOVE, COPY or DELETE - object being moved/copied/deleted is a collection - user does not have the rights to make this operation Actual results: - generation of a 207 Multi Status response Apparent cause: - org.apache.slide.webdav.method.AbstractMultistatusResponseMethod Method generateMultiStatusResponse() line 121 : isMultiStatus = ! resourceURI.equals(MethodUtil.getURI(unpackedException)); is inconsistent with the method's Javadoc comment. We should be generating a multi status response when the two values are equal, not when they are unequal (as now). Deleting the operator ! on the above line corrects the bug described above: a 403 response is generated as expected. Expected results: - generation of a 403 Forbidden reponse Build: The bug was observed on v2.1 but the offending line is still present in the latest version on the repository.
Hi, you are saying that the javadoc of the method contradicts the implementation. I have had a look at http://www.webdav.org/specs/rfc2518.html#rfc.section.8.9.2 It looks like the javadoc is wrong and the implementation is right. I have decided to change the javadoc. Please comment citing RFCs as basis if you still have a problem with this issue. Best regards, Antoine