3.5.4.1 AcquireIssuanceLicense Operation
A PL cannot be used for licensing until it has been signed by a server. The AcquireIssuanceLicense request is used to sign a PL during online publishing.

Figure 11: AcquireIssuanceLicense sequence
-
<wsdl:operation name="AcquireIssuanceLicense"> <wsdl:input message="tns:AcquireIssuanceLicenseSoapIn" /> <wsdl:output message="tns:AcquireIssuanceLicenseSoapOut" /> </wsdl:operation>
Exceptions Thrown: The AcquireIssuanceLicense method SHOULD return a fault code when a failure occurs. Details of the RMS: Client to Server Protocol SOAP Fault Format can be found in section 3.1.4.5.
|
Exception |
Description |
|---|---|
|
Microsoft.DigitalRightsManagement.Licensing.OnlinePublishingDisabledException |
Online publishing is not available on this server. |
|
Microsoft.DigitalRightsManagement.Licensing.UnsignedIssuanceLicenseNoMatchingIssuedPrincipalException |
None of the issued principals matches this server. |
|
Microsoft.DigitalRightsManagement.Licensing.InvalidOfficialRightsTemplateException |
The official rights template included in the PL is not valid. |
|
Microsoft.RightsManagementServices.ClusterDecommissionedException |
A request was received, but the server is in a decommissioned state and cannot process the request. |
|
Microsoft.DigitalRightsManagement.Cryptography.CryptoUnsupportedSymKeyException |
The supplied enabling bits have an unsupported content key. |
|
Microsoft.RightsManagementServices.EnablingBitsHashDoesNotMatchException |
The supplied enabling bits are not valid. |
In the AcquireIssuanceLicense operation, the client submits an unsigned PL and requests a signed PL chain. A properly formed AcquireIssuanceLicense request MUST contain an unsigned PL.
Upon receiving an AcquireIssuanceLicense request, the server SHOULD validate the unsigned PL for format and syntax.
If the value of the onlinePublishingEnabled field of ServerState is false on the contacted server, the server SHOULD return a Microsoft.DigitalRightsManagement.Licensing.OnlinePublishingDisabledException SOAP fault code.
The ISSUEDPRINCIPALS element of the unsigned PL MUST follow the syntax specified in section 2.2.9.7.4. If not, the server MUST reject the unsigned PL as invalid XrML and SHOULD return a Microsoft.DigitalRightsManagement.Utilities.UnspecifiedErrorException SOAP fault.
The server SHOULD determine whether the PRINCIPAL in the ISSUEDPRINCIPALS of the PL matches the PRINCIPAL in the ISSUEDPRINCIPALS of the SLC in ServerState or in one of the elements of the trustedLicensingServers set in ServerState. A match is determined by comparing the OBJECT ID as well as the size and value of the modulus parameter in the PUBLICKEY element of the ISSUEDPRINCIPALS elements being compared. If there is no match, the server SHOULD return a Microsoft.DigitalRightsManagement.Licensing.UnsignedIssuanceLicenseNoMatchingIssuedPrincipalException SOAP fault code.
If the type attribute of the BODY element of the Encrypted Rights Data of the PL chain is "Microsoft Official Rights Template" and the signature of the Encrypted Rights Data is not valid, the server SHOULD return a Microsoft.DigitalRightsManagement.Licensing.InvalidOfficialRightsTemplateException fault.
If the serverDecommissioned field of ServerState is true, the server SHOULD return a Microsoft.RightsManagementServices.ClusterDecommissionedException SOAP fault code.
If any other errors are found validating the unsigned PL, the server SHOULD return a Microsoft.DigitalRightsManagement.Utilities.UnspecifiedErrorException SOAP fault.
If validation succeeds, the server SHOULD service the request.
To service the request, the server MUST validate the ENABLINGBITS element of the PL. If the session key of the ENABLINGBITS element of the PL is DES symmetric key, the server SHOULD return the Microsoft.DigitalRightsManagement.Cryptography.CryptoUnsupportedSymKeyException SOAP fault code. If the hash that is extracted from the sealedkey field of the ENABLINGBITS cannot be validated, the server SHOULD return the Microsoft.DigitalRightsManagement.EnablingBitsHashDoesNotMatchException SOAP fault code. If validation succeeds, the server SHOULD regenerate the Hash field of the ENABLINGBITS element of the PL by using the ISSUEDPRINCIPALS element of the PL.
To service the request, the server MUST sign the body of the PL and include the signature in the SIGNATURE element of the PL.
The server MUST include a DISTRIBUTIONPOINT (section 2.2.9.7.3) of type "License-Acquisition-URL", and an optional DISTRIBUTIONPOINT of type "Extranet-License-Acquisition-URL". The ADDRESS element SHOULD contain the licensingUrl of the ServerState when the object type is "License-Acquisition-URL", or externalLicensingUrl of ServerState when the object type is "Extranet-License-Acquisition-URL". The NAME element SHOULD contain "DRM Server Cluster" when the object type is "License-Acquisition-URL" or "Extranet-License-Acquisition-URL". The GUID element SHOULD be a unique GUID for this DISTRIBUTIONPOINT element. If the unsigned PL submitted by the client includes any DISTRIBUTIONPOINT of type "Referral-Info", then the same DISTRIBUTIONPOINT MUST be included in the signed PL. The server SHOULD set the ISSUEDTIME (section 2.2.9.1.1) element of the PL to the current time, expressed in UTC.
For information about certificate formats, see section 2.2.9.
For a successful request, the server MUST return a signed PL chain. For an unsuccessful request, the server MUST return a SOAP fault code listed earlier or a generic SOAP fault code. The client MUST treat all generic SOAP fault codes the same.