Subject: RE: [saml-dev] HTTP error response code

> Scenario: App to App (no Browser)

There's really no profile for that scenario in SAML proper, so asking how it
should work is sort of begging the question. If you extrapolate a little,
you can adapt ECP into any HTTP-based service, no matter what the client is,
but that hasn't necessarily been done a lot.

> At that point, does the SP app return an HTTP 200 with the
> right error code in the SAMLResponse?

I don't understand your constraints or assumptions, so there's no way to
answer. The existing profiles that assume an HTTP-based application don't
dictate what happens when errors occur, however. And they assume a browser
or at least browser-like user agent, which is important to know what an
error response might look like.

But your speculation would be totally out of the question since there is no
SAML response going in the direction you're referring to. A SAML response is
issued in response to a SAML request in general, and I don't see a request

> Looking at the documents, it is not clear ... maybe it is
> spelled somewhere and I am missing it.

I think you're fundamentally misreading those documents to this point.

-- Scott

