security-services message


Subject: RE: [security-services] Rejecting Saml Requests (SOAP Binding)


> Scott, sorry for the confusion. I did mean soap initially. 
> Keeping with soap, are you saying that 
> A) the responder should send back a saml msg with an invalid 
> (Requester) top level status code? 

For those cases, I would, yeah.

> And if so: 
> B) does the spec say, in your opinion, you must do this vs. 
> just returning a soap fault? 

I think it's been the intent, but it's difficult to get the language right.
I read 3.2.3.3 as pretty clearly saying SOAP faults are for SOAP errors and
SAML errors are for, well, SAML errors.

In the HTTP case, of course, there is no other real error to return, and the
user experience suggests that you get control back to the message sender if
at all possible and he's not attacking you or something.

-- Scott
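
The split discussed in this message (SOAP faults for SOAP errors, a SAML response with a Requester top-level status code for SAML errors), sketched as an added example that is not part of the original message or of any OASIS text. It assumes SAML 2.0 namespaces and SOAP 1.1, uses HTTP 500 for the fault and 200 for the SAML status response, and the request checks are a minimal constructed stand-in for real validation; all function names are hypothetical.

```python
import uuid
import xml.etree.ElementTree as ET  # for untrusted input prefer a hardened parser, e.g. defusedxml
from datetime import datetime, timezone

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"           # SOAP 1.1 (assumed)
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"               # SAML 2.0 (assumed)
REQUESTER = "urn:oasis:names:tc:SAML:2.0:status:Requester"
ET.register_namespace("SOAP-ENV", SOAP)
ET.register_namespace("samlp", SAMLP)

def _envelope(child):
    env = ET.Element(f"{{{SOAP}}}Envelope")
    ET.SubElement(env, f"{{{SOAP}}}Body").append(child)
    return ET.tostring(env, encoding="unicode")

def soap_fault(code, text):
    """SOAP-layer error: HTTP 500 carrying a SOAP Fault."""
    fault = ET.Element(f"{{{SOAP}}}Fault")
    ET.SubElement(fault, "faultcode").text = f"SOAP-ENV:{code}"
    ET.SubElement(fault, "faultstring").text = text
    return 500, _envelope(fault)

def saml_rejection(request_id, message):
    """SAML-layer error: HTTP 200 carrying a Response with top-level status Requester."""
    attrs = {"ID": "_" + uuid.uuid4().hex, "Version": "2.0",
             "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")}
    if request_id:  # echo the request ID only when one could be read
        attrs["InResponseTo"] = request_id
    resp = ET.Element(f"{{{SAMLP}}}Response", attrs)
    status = ET.SubElement(resp, f"{{{SAMLP}}}Status")
    ET.SubElement(status, f"{{{SAMLP}}}StatusCode", {"Value": REQUESTER})
    ET.SubElement(status, f"{{{SAMLP}}}StatusMessage").text = message
    return 200, _envelope(resp)

def reject(body):
    """Return (http_status, xml) if the request must be rejected, else None."""
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return soap_fault("Client", "Malformed XML")
    if root.tag != f"{{{SOAP}}}Envelope":
        return soap_fault("VersionMismatch", "Not a SOAP 1.1 envelope")
    soap_body = root.find(f"{{{SOAP}}}Body")
    if soap_body is None or len(soap_body) != 1:
        return soap_fault("Client", "SOAP Body must hold exactly one element")
    req = soap_body[0]  # SOAP layer is fine; anything wrong from here on is a SAML error
    if not req.tag.startswith(f"{{{SAMLP}}}") or req.get("Version") != "2.0" or not req.get("ID"):
        return saml_rejection(req.get("ID"), "Request is not a well-formed SAML 2.0 request")
    return None  # passes these checks; hand over to the real SAML processor
```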


