Re: Issue #12: HTTP Status Codes 500 v 200

My 2c on this issue (I like tackling the tough ones 8-)

SOAP is one way of extending HTTP's (or many other application
protocol's) semantics.  It is *not* a layer above HTTP in the same way
that WebDAV isn't a layer on top of HTTP.  SOAP and WebDAV are both
extensions of HTTP.  SOAP just happens to extend HTTP in a way that HTTP
wasn't expecting (to say the least - and FWIW, this isn't a good thing).

A SOAP fault carried on an HTTP response must therefore use HTTP
semantics as best it can.  There are four types of SOAP fault;

- version mismatch
- must understand
- client
- server

The last one clearly maps quite cleanly to a 500.  The third one maps
cleanly to 400. (*)  The other two aren't as straightforward.

The "Version Mismatch" fault looks a bit like a 505 ("HTTP Version Not
Supported"), but not exactly, since 505 is specific to HTTP versioning,
not SOAP versioning.  But I certainly believe that either 500, or a new
5xx code should communicate the intent.

The "Must Understand" fault is quite close to a 417 ("Expectation
Failed" - part of the HTTP 1.1 Expect feature).  It's a 4xx ("Client
Error") presumably because if the request hadn't been sent with that
Expect header, you'd be fine.  I suggest that either 400 or a new 4xx
status code (not 417, as that's specific to Expect) be used for must
understand as well.

(*) I would normally suggest that using the specific 5xx or 4xx status
codes (rather than 400 and 500) should be used, but as SOAP is trying to
be application-protocol neutral, I can understand its desire not to.

I hope that was helpful.


Received on Sunday, 3 June 2001 02:45:52 UTC