OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

regrep-security message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: Error Response for signature Validation failure

"Damodaran, Suresh" wrote:
> Unfortunately, MSG discourages use of other errorCodes
> than those defined in the spec (Sec second para
> "Use of non-ebXML values for errorCodes is NOT RECOMMENDED.
> In addition, an implementation of this specification MUST NOT
> use its own errorCodes if an existing errorCode as defined
> in this section has the same or very similar meaning.")
> This limits us to use the errorCode "SecurityFailure" that
> maps to "Validation of signatures ... failed."

As I noted in another email thread, "SecurityFailure" error
is only applicable when ebMS is being used.

So the issues are :

1. For those cases, when SOAP (or SOAP compliant protocols)
   are being used, then what should the error code be ?
2. Should there be "protocol independent" error code specified
   be ebRS ?
   For example, ebRS would always return a "SigatureValidationFailure"
   regardless of the underlying transport ( ebMS, SOAP etc). ebRS
   would be responsible for mapping the error code from the underlying
   transport to a ebRS specific error code.

> Farrukh, you might be seeing something that I am not,
> in which case, please let me know.
> As for SOAP Fault, not sure what other bindings you are
> thinking about (not using SOAP at all?) I don't like
> using SOAP Fault from a design point of view, rather
> would like to have it in the MSG layer. I would like
> to understand where you are coming from.
> Cheers,
> -Suresh

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC