On Feb 20, 2008 9:05 PM, Steven Newhouse <Steven.Newhouse@microsoft.com> wrote:
If you fail authorization under the container's rule it is the container that sends the fault
And that is what I've been asking for - what the fault should look like. I have my own container (which does authentication and authorization) so I must choose the most suitable fault to return.
- I use whatever fault I like but decrease the interoperability (still, WSDL modification needed)
There's nothing stopping you doing this apart from interoperability!
That's what I surely don't want to do. Summing up, the only solution I can see now is to return standard SOAP fault with added human readable description saying that this general fault was thrown because of an authorization failure so that the client at the other side knows the reason her call was rejected. -- Piotr Domagalski