- From: Ram Jeyaraman <Ram.Jeyaraman@microsoft.com>
- Date: Tue, 17 Nov 2009 18:48:21 +0000
- To: "public-ws-resource-access@w3.org" <public-ws-resource-access@w3.org>
- Message-ID: <503546C5699C1144BDEA0D0DFFE7F88118176C6A@TK5EX14MBXC110.redmond.corp.microsoft.>
During the Santa Clara F2F, a proposal [1] was suggested.
Ø {some combo of specs} allows receivers to dispatch on either the [Action] property or the QName of the [Body] child.
Since there are other possible dispatch mechanisms, the specifications should not discuss or allude to specific dispatch mechanisms.
Ø Implementations that authorize requests based on the requested operation are advised to ensure that the property values used for such authorization decisions are consistent with the property values that are used for dispatching.
It is not clear what authorization decisions means here. Besides, the specification need not talk about dispatching rules.
Since the primary concern of this issue is about receiver behavior in the event where an incoming message does NOT conform to the XML outline and description of an operation in the specification, I suggest we consider a resolution along the lines of [2].
Thanks.
[1]
{some combo of specs} allows receivers to dispatch on either the [Action] property or the QName of the [Body] child. Implementations that authorize requests based on the requested operation are advised to ensure that the property values used for such authorization decisions are consistent with the property values that are used for dispatching.
[2]
A receiving SOAP Node is encouraged to generate a SOAP 1.1 Client or SOAP 1.2 Sender fault, if a SOAP message targeted at an operation defined by this specification does not conform to the XML outline and description of the operation.
Received on Tuesday, 17 November 2009 18:49:11 UTC