OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

cmis message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Commented: (CMIS-559) 3.4.1 common exceptions- permissionDenied exception issue

    [ http://tools.oasis-open.org/issues/browse/CMIS-559?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16205#action_16205 ] 

Norrie Quinn commented on CMIS-559:

403 is more appropriate in the case where the request is authenticated, but permission is denied based on repository access control.

> 3.4.1 common exceptions - permissionDenied exception issue
> ----------------------------------------------------------
>                 Key: CMIS-559
>                 URL: http://tools.oasis-open.org/issues/browse/CMIS-559
>             Project: OASIS Content Management Interoperability Services (CMIS) TC
>          Issue Type: Bug
>          Components: REST/AtomPub Binding
>    Affects Versions: Draft 0.70
>            Reporter: Ryan McVeigh
>            Assignee: Al Brown
> permissionDenied (per Part I is "the caller of the service does not have sufficient permissions to perform the operation") is mapped to status 403 (Forbidden). The HTTP spec defines this status as "The server ... is refusing to fulfill [the request]. Authorization will not help..." This does not match with Part I's "insufficient permissions" (which implies that [re-]authorization could help). Seems to me the mapping should be to HTTP status 401 (Unauthorized), or at least should map to one of 401 or 403 as a repository decision.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]