OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] HTTP error response code

> Scenario: App to App (no Browser)

There's really no profile for that scenario in SAML proper, so asking how it
should work is sort of begging the question. If you extrapolate a little,
you can adapt ECP into any HTTP-based service, no matter what the client is,
but that hasn't necessarily been done a lot.

> At that point, does he SP app return a HTTP 200 with the 
> right error code in the SAMLResponse. 

I don't understand your constraints or assumptions, so there's no way to
answer. The existing profiles that assume an HTTP-based application don't
dictate what happens when errors occur, however. And they assume a browser
or at least browser-like user agent, which is important to know what an
error response might look like.

But your speculation would be totally out of the question since there is no
SAML response going in the direction you're referring to. A SAML response is
issued in response to a SAML request in general, and I don't see a request

> Looking at the documents, it is not clear ... may be it is 
> spelled somewhere  and I am missing it.

I think you're fundamentally misreading those documents to this point.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]