[foaf-protocols] Webid Spec: HTTP status codes?
nathan at webr3.org
Mon Sep 20 05:01:02 CEST 2010
Joe Presbrey wrote:
> On Thu, Aug 12, 2010 at 7:13 PM, Akbar Hossain <akkiehossain at gmail.com> wrote:
>> Joe Presbrey created an apache mod to implement the foaf+ssl authnetication .
> Hi Akbar, thanks! I'll document the current mod_authn_webid responses
> to your rough list inline below.
>> A rough list would probably include
>> TLS connection error
> no HTTP connection => no HTTP response status code
>> No client certificate supplied
>> No URI found in the SAN
>> Unable to dereference a URI in the SAN
> Not considered. Is this a failed GET sub-request of the WebID URI? If
> so, this should be 502.
>> Public Key in the Client Certificate doesnt match the RSA Public Key in WebId
agree with everything up to the 200, we can't specify that as it depends
on the request/verb/ action being taken etc, each successful request
could have any code.
I'd suggest we map to 401 with a description in the message-body of what
went wrong, why not in RDFa w/ a nice ontology for errors..
As for 502, makes sense to me but maybe best to double-check with
httpbis working group.
Cen't see a need for any other status codes at all, either server error
or unauthorised is all we need, then boot to message-body to describe in
more detail, as per http spec.
More information about the foaf-protocols