3.1.4.3 GetCookie
A DSS calls the GetCookie method to obtain a cookie containing an opaque sequence of bytes that encode implementation-specific authorization, authentication, and runtime information for use by the USS.
-
<wsdl:operation name="GetCookie"> <wsdl:input message="tns: GetCookieSoapIn" /> <wsdl:output message=" tns:GetCookieSoapOut" /> </wsdl:operation>
The SOAP operation is defined as follows.
-
<soap:operation soapAction="http://www.microsoft.com/SoftwareDistribut ion/GetCookie" style="document" />
Request validation:
The USS validates inputs, as specified in the following table. If any of the inputs are not valid, the USS MUST return a SOAP fault message to the DSS with the <ErrorCode> set, as shown in the table.
|
Input |
Validation conditions |
ErrorCode |
|---|---|---|
|
authCookies |
MUST contain exactly one AuthorizationCookie element. |
InvalidParameters |
|
authCookies |
The CookieData field MUST be of the correct format such that the USS can read values out of it, as specified in section 2.2.4.7. |
InvalidAuthorizationCookie |
|
protocolVersion |
MUST be of the format "x.y", where x is the Major Version and y is the Minor Version number. |
InvalidParameters |
|
protocolVersion |
Major Version MUST be "1". |
IncompatibleProtocolVersion |
Data processing:
The USS MUST process this message as follows:
Parse the CookieData in the AuthorizationCookie and extract the ExpirationTime, target groups list, and DSS account GUID.
If the cookie has a syntax, formatting, or other error preventing the necessary information from being read out of the EncryptedData field, return SOAP fault with <ErrorCode> set to InvalidAuthorizationCookie.
Create a Cookie with the Expiration set to an implementation-specific cookie expiration interval sometime in the future.<29>
Initialize the EncryptedData field of the Cookie to a sequence of bytes, as defined in section 2.2.4.8.
Response:
If no errors occur during processing, the USS MUST return the response to the DSS.
If an error occurs during processing, the USS MUST return a SOAP fault. The SOAP fault SHOULD contain an <ErrorCode> element, as defined in section 2.2.9. If the SOAP fault contains an <ErrorCode> element, its value MUST be one of the following.
If the DSS receives a SOAP fault containing an <ErrorCode> element, it MUST react to the fault, as described in the following table. If the DSS receives a fault that does not contain an <ErrorCode> element, it MUST stop the protocol.
|
ErrorCode |
Description |
|---|---|
|
InvalidParameters |
Parameters passed to a web method are not valid. The message part of the exception will contain the parameter name. The DSS MUST stop the protocol. |
|
InternalServerError |
An internal error occurred on the server. The DSS MUST stop the protocol. |
|
IncompatibleProtocolVersion |
The version of the protocol used by DSS is incompatible with the version used by USS. The DSS MUST abort the protocol. |
|
InvalidAuthorizationCookie |
The authorization cookie submitted by the DSS is not valid. The DSS MUST restart the protocol from the beginning. |