3.4.4.1 EditIssuanceLicense
In the EditIssuanceLicense operation, the requestor specifies a signed publishing license and an unsigned publishing license, and the server returns a signed publishing license.
Figure 7: EditIssuanceLicense operation message sequence
-
<wsdl:operation name="EditIssuanceLicense"> <wsdl:input message="tns:EditIssuanceLicenseSoapIn" /> <wsdl:output message="tns:EditIssuanceLicenseSoapOut" /> </wsdl:operation>
To perform the request validation, the server MUST validate the input parameters upon receiving an EditIssuanceLicense request. The EditIssuanceLicense request includes the following parameters.
|
Parameter |
Description |
|---|---|
|
SignedIssuanceLicense |
An XML node that contains the signed publishing license that will be updated. This is the leaf certificate in the publishing license chain only, not the entire chain leading back to the root issuer. |
|
UnsignedIssuanceLicense |
An XML node that contains the new publishing license, which includes the new rights that will replace the rights in the existing license. This is the leaf certificate in the publishing license chain only, not the entire chain leading back to the root issuer. |
Upon receiving an EditIssuanceLicense request, the server MUST validate both PLs for format and syntax. In addition, the server MUST validate the signature of the signed PL as follows:
If the PL chain fails signature validation or is issued by a server that the RMS server does not trust, the server SHOULD return a Microsoft.DigitalRightsManagement.Licensing.InvalidSignedIssuanceLicenseException SOAP fault code.
If the ISSUEDPRINCIPALS element of the signed PL does not match the requesting server, the server SHOULD return a Microsoft.DigitalRightsManagement.InvalidSignedIssuanceLicenseException SOAP fault code.
If the value of the onlinePublishingEnabled field, as defined in [MS-RMPR] section 3.1.1.1.1, of the ServerState is False on the requested server, as defined in [MS-RMPR] section 3.1.1.2.1, the server SHOULD return a Microsoft.DigitalRightsManagement.OnlinePublishingDisabledException SOAP fault code.
If the ISSUEDPRINCIPALS element of the unsigned PL does not match the requesting server, the server SHOULD return a Microsoft.DigitalRightsManagement.UnsignedIssuanceLicenseNoMatchingIssuedPrincipalException SOAP fault code.
If the type attribute of the BODY element of the Encrypted Rights Data of the PL chain is "Microsoft Official Rights Template" and the signature of the Encrypted Rights Data is not valid, the server SHOULD return a Microsoft.DigitalRightsManagement.Licensing.InvalidOfficialRightsTemplateException fault.
If the serverDecommissioned field of the ServerState is True, the server SHOULD return a Microsoft.RightsManagementServices.ClusterDecommissionedException SOAP fault code.
If the Encrypted Rights Data of the signed PL does not contain an AUTHENTICATEDDATA element configured as follows:
An id of "APPSPECIFIC"
A name set to "Allow_Server_Editing"
A value of True
the server MUST return a Microsoft.DigitalRightsManagement.ServerRepublishIllegalException SOAP fault code.
If validation succeeds, the server SHOULD service the request. To service the request, the server MUST create a new ENABLINGBITS element for the unsigned PL by using the content key from the signed PL. The server MUST decrypt the Encrypted Rights Data of the unsigned PL by using the original content key of the unsigned PL. The server MUST re-encrypt the resulting string by using the content key of the signed PL. The server MUST sign the body of the unsigned PL and include the signature in the SIGNATURE element of the PL.
For a successful request, the server MUST return the new signed PL. The server MUST return only the leaf certificate in the PL chain. For an unsuccessful request, the server MUST return a SOAP fault code as described earlier in this section, or a generic SOAP fault code. The client MUST process all generic SOAP fault codes in the same manner.
Exceptions Thrown:
The EditIssuanceLicense operation MUST throw either Common Fault Codes for the RMS: ISV Extension Protocol, as described in section 3.1.4.2, or one of the following exceptions:
|
Exception |
Description |
|---|---|
|
Microsoft.DigitalRightsManagement.ServerRepublishIllegalException |
Server republishing is not allowed. |
|
Microsoft.DigitalRightsManagement.InvalidSignedIssuanceLicenseException |
The signed issuance license supplied by the requestor is invalid. |
|
Microsoft.DigitalRightsManagement.Licensing.OnlinePublishingDisabledException |
Online publishing is not available on this server. |
|
Microsoft.DigitalRightsManagement.Licensing.UnsignedIssuanceLicenseNoMatchingIssuedPrincipalException |
None of the issued principals match this server. |
|
Microsoft.DigitalRightsManagement.Licensing.InvalidOfficialRightsTemplateException |
The official rights template included in the PL is not valid. |
|
Microsoft.RightsManagementServices.ClusterDecommissionedException |
A request was received, but the server is in a decommissioned state and cannot process the request. |