uddi-dev message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Subject: Re: [uddi-dev] Error code for authz failures?
- From: Andrew Hately <hately@us.ibm.com>
- To: Dave Schneider <dschneider@e2open.com>
- Date: Mon, 03 Feb 2003 22:43:45 -0600
Dave,
For registries using the UDDI security
API set, the following should be appropriate:
E_authTokenRequired: (10120) Signifies
that an authentication token is missing or is invalid for an API call that
requires authentication.
As other mechanisms are outside the
scope of the UDDI specification, authorization errors relating to those
mechanisms should be covered outside the UDDI specification.
If there is a need to provide a more
granular error within the UDDI specification, please provide more information
or the use case for further detailing authorization errors.
Andrew Hately
IBM Austin
UDDI Development, Emerging Technologies
Dave Schneider <dschneider@e2open.com>
02/03/2003 06:18 PM
|
To
| "'uddi-dev@lists.oasis-open.org'"
<uddi-dev@lists.oasis-open.org>
|
cc
|
|
Subject
| [uddi-dev] Error code for
authz failures? |
|
Given that every API in v3 takes an optional authInfo
parameter, I was
surprised I didn't find an error code such as E_accessDenied or
E_authzFailed in Chapter 12 of the v3 spec. The only thing seemed
close was
E_requestDenied, but the description implies its use is only for requesting
subscription renewals. Any idea what the appropriate error code should
be
when the server decides the caller isn't authorized to do what's being
requested?
Thanks,
Dave
______________________________________
Dave Schneider --- dschneider@e2open.com
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [Elist Home]
Powered by eList eXpress LLC