OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: [security-services] underspecified behavior for AuthenticationQuery ?


my understanding is that the correct response is 
a), success, with an additional (optional)
<statusMessage> indicating that no assertions
could be returned. Any other error code indicates
an *error*, which is not the case here.

I could not find an explicit statement saying this in 
the core-27. My suggestion would be to add a 
section titled "Processing Rules for Queries" with
the language:

If the responder cannot find any assertions that satisfy the
constraints expressed by a query, the <saml:Response> element
MUST include a <saml:StatusCode> with value "Success". It MAY return
a <saml:StatusMessage> with additional information.

My suggestion would be to place this in section 3.4.4,
with the current contents of 3.4.4 placed in a sub-section
(, as these are an additional elaboration of the 
query processing rules.

- prateek

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC