[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] SAMLCore errors in mandating some second-level status codes
When I’ve been dealing with this issue in Liberty specs I’m editing, I prefer:
If none of the specified classes or declarations can be satisfied in accordance with the rules below, the responder MUST return a <Response> message with a top-level <StatusCode> value of …:Responder. If a second-level <StatusCode> is included in the <Response> message it MUST have a value of “…:NoAuthnContext”.
In other words saying you can leave off the second level status code, but if you do include one, it must be the one specified here.