If displaying the error status, it should be the most specific one which corresponds to the error message

Published on: 02/08/2010
Discussion

According to D5.8.1b Interface Specification v1.2.3_rev5.doc: If the subordinate status code is included in the response, then the status message must be the one corresponding to the subordinate status code, not the top-level status code. Our test team has the following suggestion: if the status code instead of an error number is shown (cf. OSOR bug 14462 https://forge.osor.eu/tracker/index.php?func=detail&aid=14462&group_id=1...), it should be the most specific one (e.g. urn:oasis:names:tc:SAML:2.0:status:AuthnFailed and not urn:oasis:names:tc:SAML:2.0:status:Responder, so that it more closely corresponds to the error message shown to the user.



HardwareNone
ProductNone
Operating SystemNone
ComponentNone
VersionNone
SeverityNone
ResolutionNone

Component

Code

Category

Bugs

Comments

Mon, 12/12/2011 - 18:12