3.4.5 Message Processing Events and Sequencing Rules
For the proxy to function properly as a proxy component on the system, it MUST retrieve information from the server about the service configuration and the endpoints it listens to, and about the available relying party trusts.
The following resources are required to retrieve server configuration.
Resource |
Description |
---|---|
Proxy/GetConfiguration |
Resource used to retrieve service and endpoint configuration. |
Proxy/RelyingPartyTrusts |
Resource used to retrieve all relying party trusts. |
Proxy/RelyingPartyTrusts/{Identity} |
Resource used to retrieve a particular relying party trust. |
The responses to all the operations can result in the following status codes.
Status code |
Description |
---|---|
200 |
The operation has succeeded. |
400 |
The request is not valid. |
401 |
Unauthorized for specified user credentials or for client TLS certificate. |
404 |
The object does not exist. |
405 |
Invalid verb used in request (GET, DELETE, POST, PUT). |
409 |
The object already exists. |
500 |
Version is not specified where required or any other internal error. |
501 |
Version specified (api-version) is invalid (valid values are 1 and 2).<11> |
For all operations in this section, the server requires authenticating the proxy using client TLS authentication [RFC2246]. The server MUST validate that the certificate that is presented by the proxy during client TLS authentication can be validated by one of the values of [Server State].ProxyTrustedCertificates. If the certificate cannot be validated, the server MUST return an HTTP error code of 401.