[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [security-services] underspecified behavior for AuthenticationQuery ?
Jeff, my understanding is that the correct response is a), success, with an additional (optional) <statusMessage> indicating that no assertions could be returned. Any other error code indicates an *error*, which is not the case here. I could not find an explicit statement saying this in the core-27. My suggestion would be to add a section titled "Processing Rules for Queries" with the language: If the responder cannot find any assertions that satisfy the constraints expressed by a query, the <saml:Response> element MUST include a <saml:StatusCode> with value "Success". It MAY return a <saml:StatusMessage> with additional information. My suggestion would be to place this in section 3.4.4, with the current contents of 3.4.4 placed in a sub-section (3.4.4.1), as these are an additional elaboration of the query processing rules. - prateek
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC