mace-opensaml-users - RE: How to set the status in a SAMLResponse?
Subject: OpenSAML user discussion
List archive
- From: "Markus Lorch" <>
- To: "'Scott Cantor'" <>, 'Brückler Peter' <>
- Cc: <>
- Subject: RE: How to set the status in a SAMLResponse?
- Date: Mon, 21 Feb 2005 11:20:02 -0500
- Importance: Normal
One suggestion:
If this is an authorization or authentication service you may not
want to tell the client why you failed. Thus for this case I would
recommend to create a SAMLException that contains NO details on why
the operation failed.
For example in an authorizaiton service that I worked on we first try
to return a valid "Indeterminate" response, only if we fail twice
creating such a response then we return something else than samlp:success
and even then we don't include any info on what happened (but we
protocoll it in detail on the server of course)
my 2 cents
Markus
> -----Original Message-----
> From: Scott Cantor
> [mailto:]
>
> Sent: Monday, February 21, 2005 11:08 AM
> To: 'Brückler Peter'
> Cc:
>
> Subject: RE: How to set the status in a SAMLResponse?
>
>
> > If you don't set anything, the value "samlp:Success" will be
> > used automatically, which is fine for the successful
> > scenario, but how to set other values?
>
> Just pass a SAMLException containing the information into the
> SAMLResponse
> constructor.
>
> -- Scott
>
- How to set the status in a SAMLResponse?, Brückler Peter, 02/21/2005
- RE: How to set the status in a SAMLResponse?, Scott Cantor, 02/21/2005
- RE: How to set the status in a SAMLResponse?, Markus Lorch, 02/21/2005
- RE: How to set the status in a SAMLResponse?, Scott Cantor, 02/21/2005
- RE: How to set the status in a SAMLResponse?, Markus Lorch, 02/21/2005
- RE: How to set the status in a SAMLResponse?, Scott Cantor, 02/21/2005
Archive powered by MHonArc 2.6.16.