RE: HTTP binding: {http authentication realm} is required

Thanks for your comment.  The WS Description Working Group tracked this as a Last Call comment LC327 [1].  The Working Group agreed to fix the problem by: 
 - making auth scheme and realm both optional
 - making auth scheme and auth realm properties exist together
 - dropping the value "none" from auth scheme values
 - using the default value of the attribute to provide the default value for realm (of "")
 - editorial: clean up the wording of the "Relationship to WSDL Component Model" to properly use the word component and property correctly and carefully. 

If we don't hear otherwise within two weeks, we will assume this satisfies your concern.

[1] http://www.w3.org/2002/ws/desc/5/lc-issues/issues.html#LC327


> -----Original Message-----
> From: public-ws-desc-comments-request@w3.org [mailto:public-ws-desc-
> comments-request@w3.org] On Behalf Of Hugo Haas
> Sent: Wednesday, August 24, 2005 3:17 AM
> To: public-ws-desc-comments@w3.org
> Subject: HTTP binding: {http authentication realm} is required
> 
> In Part 2's 6.12 Specifying HTTP Access Authentication, we have:
> 
>      * {http authentication realm} REQUIRED. A xs:string to the
> Endpoint. It
>        corresponds to the realm authentication parameter defined in
> [IETF
>        RFC 2617]. If the value of the {http authentication scheme}
> property
>        is not "none", it MUST not be empty.
> 
> [...]
> 
> 
> 
> 
>           Property                            Value
> 
> 
> 
> 
> [...]
>                           The actual value of the
> 
>     {http authentication  whttp:authenticationRealm attribute
> 
>     realm}                information item; otherwise, "" (the empty
> 
>                           value).
> 
> 
> 
> 
> 
> Why do we have this property required and defaulting to an empty
> string?
> 
> It seems to make more sense to have this property optional.
> 
> Here's a proposal for the property definition:
> 
>   {http authentication realm}, OPTIONAL.
> 
>     A xs:string. It corresponds to the realm authentication parameter
>     defined in [IETF RFC 2617]. If the value of the {http
>     authentication scheme} property is not "none", it MUST be present
>     and not empty.
> 
> and for its mapping:
> 
>     The actual value of the whttp:authenticationRealm attribute
>     information item, if present.
> 
> This is related to another comment about optional properties
> defaulting to empty values.
> 
> --
> Hugo Haas - W3C
> mailto:hugo@w3.org - http://www.w3.org/People/Hugo/

Received on Wednesday, 5 October 2005 20:42:40 UTC