re: RFC 3920, Section 9.3.2, and JEP-0050, Section 4.4 I think the correct response should be:
<iq from="msn.delx.cjb.net" type="error" id="ac83a" to="[EMAIL PROTECTED]/Powerbook"> <command xmlns="http://jabber.org/protocol/commands"; node="connectusers" /> <error type='cancel' code='403'> <forbidden xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/> <text xmlns="urn:ietf:params:xml:ns:xmpp-stanzas">The requesting entity does not possess the required permissions to perform the action.</text> </error> </iq> I seem to think that type should be 'auth' and not 'cancel' (as the jep states). The rfc says auth means 'retry after providing credentials', which includes out-of-band. The irc transport currently uses 'auth'. The MSN transport is currently using 401, whereas the jep seems to think it should be 403. Again 401/auth might be seen as something the user might be able to fix if they supply new credentials in-band, and 403/forbidden implies that the user will never be able to do it - requiring out-of-band changes to allow it. Psi doesn't currently report the error condition, it probably should. In fact this will probably get fixed when Psi stops treating command stages as separate entities, and links them together coherently. (you might notice atm, that each stage is a new window, which is wrong) On 27/08/05, James Bunton <[EMAIL PROTECTED]> wrote: > Hi all. > > I'm implementing a few ad-hoc commands in PyMSNt. > > What should I send as a response if the requesting client doesn't have > permission to execute the command? > At the moment it goes like this > > <iq type="set" to="msn.delx.cjb.net" id="ac83a" > > <command xmlns="http://jabber.org/protocol/commands"; > node="connectusers" /> > </iq> > > <iq from="msn.delx.cjb.net" type="error" id="ac83a" > to="[EMAIL PROTECTED]/Powerbook" > > <error type="cancel" code="401" > > <not-authorized/> > </error> > </iq> > > > Psi (with ad-hoc patches) doesn't display any error though, and > JEP-0050 doesn't actually mention an error case for lack of > permissions. > > --- > > James > > _______________________________________________ > jdev mailing list > [email protected] > http://mail.jabber.org/mailman/listinfo/jdev > -- - Norman Rasmussen - Email: [EMAIL PROTECTED] - Home page: http://norman.rasmussen.co.za/ _______________________________________________ jdev mailing list [email protected] http://mail.jabber.org/mailman/listinfo/jdev
