[DAS] DAS 1.6 draft 2

Andy Jenkinson andy.jenkinson at ebi.ac.uk
Sun Jun 28 14:57:35 UTC 2009


Hi all,

Having had no objections to anything in the first draft, I have posted  
draft 2 of the 1.6 spec:
http://www.ebi.ac.uk/~aj/1.6_draft2/documents/spec.html

Mostly this comprises clarifications and fixes (e.g. a diagram for  
exception handling) but there is one clarification I would like  
feedback on - HTTP status codes. Apologies for the lengthy explanation  
below...

DAS 1.53 already specifies the X-DAS-Status header to describe DAS  
error conditions, but does not say how these relate to HTTP status  
codes. The issue is confused because some of the X-DAS-Status codes  
chosen match "equivalent" HTTP statuses (e.g. 400 bad request == 400  
bad DAS command) while others do not (401 unauthorized == 401 bad  
dsn). Until fairly recently ProServer actually put the X-DAS-Status  
codes as HTTP status codes, but I changed this behaviour as it can  
result in misleading error reporting by clients.

When I came to clarify how DAS status co-exists with HTTP status for  
1.6, I realised that it is open to interpretation. One view is that  
HTTP statuses describe -only- the transport layer, and as such you  
always use HTTP 200 OK unless there is a problem in the transport  
layer. The HTTP spec thus retains its meaning. A second view is that  
the meaning of the HTTP codes can be changed as we don't use the HTTP  
features that rely on them (mainly authentication). A third view is  
that DAS statuses should be seen as more descriptive versions of  
existing HTTP statuses (e.g. 401 bad dsn is a more descriptive version  
of 400 bad request). The 400 and 500 statuses as described in the HTTP  
spec do not preclude this interpretation.

To speak for what ProServer does, it used to take the second view, and  
now takes the first view. I am wondering whether a middle-ground (the  
third view) strikes a better balance between compatibility with old  
DAS clients (which don't check X-DAS-Status) and HTTP (which requires  
401 unauthorized etc).

Please let me know what you think about the approach taken in the draft.

Cheers,
Andy



More information about the DAS mailing list