[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: [security-services] ISSUE: Form of a response when the request ismissing/malformed
> I am assuming that the correct SAML status code to use when a > request is badly malformed (or is simply missing from the SOAP payload) > is "Sender"; that is, there has been an error "in the sender or in the > request". I assume so (modulo the suggested change to "Requester" from "Sender". > But what should the InResponseTo attribute on the response be, if the > request didn't, say, even have an ID or any innards at all? I think it's a safe bet that InResponseTo will be made optional, because converting the POST profile to use Response requires either that or using a dummy value. In light of that, making it optional solves both concerns. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC