[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] A "final" proposal on status codes
Before this goes further, that is exactly what core25 says. I have sent it off to Jeff H. who is doing some unrelated tweakage. Phillip Hallam-Baker FBCS C.Eng. Principal Scientist VeriSign Inc. pbaker@verisign.com 781 245 6996 x227 > -----Original Message----- > From: Scott Cantor [mailto:cantor.2@osu.edu] > Sent: Thursday, January 10, 2002 8:04 PM > To: 'Hallam-Baker, Phillip' > Cc: 'SAML' > Subject: RE: [security-services] A "final" proposal on status codes > > > > > The use of attributes/elements is a trickier problem, I think we > > > really should use attributes for exactly the same reason SOAP is > using > > > elements, consistency with the overall coding style. > > I don't mind attributes at all, but the SAML schema-24 as currently > written only permits a single subcode, because the subcode is a single > attribute of the top level Status element. If that's an > artifact of the > recursion being deleted, that's fine, just mentioning it. > > The way to keep the recursion and still use attributes is to have > something like this: > > <simpleType name="StatusCodeEnumType"> > <restriction base="QName"> > <enumeration value="samlp:Success"/> > <enumeration value="samlp:VersionMismatch"/> > <enumeration value="samlp:Responder"/> > <enumeration value="samlp:Requester"/> > </restriction> > </simpleType> > <complexType name="StatusCodeType"> > <sequence> > <element name="Subcode" type="samlp:SubStatusCodeType" > minOccurs="0"/> > </sequence> > <attribute name="Value" type="sampl:StatusCodeEnumType" > use="required"/> > </complexType> > <complexType name="SubStatusCodeType"> > <sequence> > <element name="Code" type="samlp:SubStatusCodeType" > minOccurs="0"/> > </sequence> > <attribute name="Value" type="QName" use="required"/> > </complexType> > <complexType name="StatusType"> > <sequence> > <element name="Code" type="samlp:StatusCodeType"/> > <element name="Message" type="string" minOccurs="0" > maxOccurs="unbounded"/> > <element name="Detail" type="anyType" minOccurs="0"/> > </sequence> > </complexType> > > > > One issue that did occur to me is whether we should specify > > > which sub codes are permissible for which top level codes. > > For the ones defined in the SAML spec, definitely. Obviously > this is an > open-ended thing. > > A given error condition code is defined by a sequence of > QNames, rooted > in the SAML top-level codes, but by definition this isn't an > exhaustive > list, and any status SAML defines can be "suffixed" with additional > detail. > > This is no different than the SOAP 1.1 dotted notation, just XML-ized. > > -- Scott >
Phillip Hallam-Baker (E-mail).vcf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC