Sonos Music API getDeviceAuthToken retry responses not working - sonos

We've registered our service on the customsd page, and we're able to select it from the Add Music Services menu option. However, we're running into some difficulty during authorization.
When we start the sign in process, Sonos makes a getAppLink request to our service, we respond, and the button successfully takes the user to our sign-in page. That piece appears to be working.
However, we're running into issues with the getDeviceAuthToken polling that Sonos is doing. Once the sign-in process starts, Sonos consistently sends three getDeviceAuthToken requests and then gives up, sending no more requests even though we give back the necessary retry responses.
The requests from Sonos look like this (with some information partially or fully redacted and formatting added to the body for readability):
POST <our_soap_endpoint> HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Accept-Language: en-US
Host: <our_site>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/51.1-67300 (ICRU_iPhone11,8)
X-Sonos-Controller-ID: 02A4****
X-Sonos-Api-Key: 4348****
X-Sonos-Corr-Id: 0b99****
SOAPACTION: "http://www.sonos.com/Services/1.1#getDeviceAuthToken"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_site>
X-Original-URL: <our_soap_endpoint>
X-Forwarded-For: <some_ip_address>
X-ARR-SSL: 2048|256|C=US, O=DigiCert Inc, CN=DigiCert SHA2 Secure Server CA|C=US, S=Ohio, L=Cleveland, O="OverDrive, Inc.", OU=OverDrive IT, CN=*.overdrive.com
X-ARR-LOG-ID: 5188****
Content-Length: 548
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<deviceId>78****</deviceId>
<deviceProvider>Sonos</deviceProvider>
</credentials>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
</s:Header>
<s:Body>
<getDeviceAuthToken xmlns="http://www.sonos.com/Services/1.1">
<householdId>Sonos_sIGu****</householdId>
<linkCode>ab76****</linkCode>
</getDeviceAuthToken>
</s:Body>
</s:Envelope>
Our responses look like this (again with some information partially or fully redacted and formatting added to the body for readability):
HTTP/1.1 500 Internal Server Error
Transfer-Encoding: chunked
Content-Type: text/xml; charset="utf-8"
Server: Microsoft-IIS/10.0
Date: Fri, 30 Aug 2019 13:25:25 GMT
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode>Client.NOT_LINKED_RETRY</faultcode>
<faultstring>No token found for link code ab76****. Please retry.</faultstring>
</s:Fault>
</s:Body>
</s:Envelope>
From what we can tell based on the documentation for getDeviceAuthToken and error handling / faults, our responses appear to match what's expected for telling Sonos to try again. Are we missing something or doing something incorrectly?

Your response does not look correct. It should be something like this:
. . .
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="http://www.sonos.com/Services/1.1">
<soap:Body>
<soap:Fault>
<faultcode>Client.NOT_LINKED_FAILURE</faultcode>
<faultstring>Access to token failed</faultstring>
<detail>
<ns:ExceptionInfo>Restart authentication.</ns:ExceptionInfo>
<ns:SonosError>6</ns:SonosError>
</detail>
</soap:Fault>
</soap:Body>
</soap:Envelope>
See HANDLING ERRORS DURING AUTHENTICATION for details.

Related

Office.context.mailbox.getCallbackTokenAsync() empty token

I'm having a problem with a web add-in for Outlook.
The Outlook client is 2016 (MSI) which I believe means that it supports no higher than JavaScript API 1.4, opposed to Outlook 2016 (C2R) which, as I recall it, supports JavaScript API 1.6 or maybe even higher.
Anyway, I'm trying to use the method Office.context.mailbox.getCallbackTokenAsync(asyncResult) which has previously worked just fine on the server where it is used, but now it has stopped working for some odd reason.
The asyncResult is now empty or rather the token is empty.
{"value":"","status":"succeeded"}
How can the token be empty all of the sudden when this add-in used to work perfectly?
According to the admin of the server, it has received Windows updates on the date that this stopped working for both Office and Outlook specifically.
The Outlook clients connect to an Exchange 2013 (CU7 December 9, 2014 : 15.0.1044.25) which has also received some updates.
Both servers have been rebooted since then, but nothing has changed. The token remains empty.
Can anyone shed some light on what could be the cause of this if anyone knows that is, because all I can really do myself at this point is guess?
UPDATE 1
I have now been given permission to install Fiddler and I have found the request and respond regarding the attempt to retrieve the token.
Can any of you who know the Exchange server inside out see what is going on here, because I don't see any reasoning as to what is failing, except that the response message indicates that the request is faulty somehow (which hasn't been changed for more then a year at least).
Here is the request (some names have been replaced with something generic).
REQUEST
POST https://<domain>/ews/Exchange.asmx HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
User-Agent: Microsoft Office/16.0 (Windows NT 6.3; Microsoft Outlook 16.0.4849; Pro)
X-User-Identity: <account>#<domain>.com
Depth: 0
Content-Length: 801
Host: <host>
Authorization: Negotiate TlRMTVNTUAADAAAAGAAYAJ4AAABCAUIBtgAAAAAAAABYAAAANAA0AFgAAAASABIAjAAAABAAEAD4AQAAFYKI4gYDgCUAAAAPGSbYTqZVeCx7cnQxM336pnMAeQBzAHQAZQBtAGMAbwBuAG4AZQBjAHQAQABlAHMAdABpAGMAaABlAG0ALgBjAG8AbQBFAFMAVABJAC0AQwBUAFgAMQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT6dTWGCCv/rRor0Srrxd9AQEAAAAAAADJcWWYQo7VATtznMo8smALAAAAAAIACABFAFMAVABJAAEAFABFAFMAVABJAC0ARQBYAEMASAAxAAQAFABFAFMAVABJAC4AbABvAGMAYQBsAAMAKgBFAFMAVABJAC0ARQBYAEMASAAxAC4ARQBTAFQASQAuAGwAbwBjAGEAbAAFABQARQBTAFQASQAuAGwAbwBjAGEAbAAHAAgAyXFlmEKO1QEGAAQAAgAAAAgAMAAwAAAAAAAAAAAAAAAAIAAA77CK35CNnSd54Hy6NnToh6W3Oxa6tsihxlCrQ8jwDWMKABAARs+Rq8MKQZq+cmQJ8nL9/gkALABIAFQAVABQAC8AbQBhAGkAbAAuAGUAcwB0AGkAYwBoAGUAbQAuAGMAbwBtAAAAAAAAAAAAeHckPR2HOLOW0y2ri7TR1A==
Cookie: OutlookSession="{994C5944-A93C-4830-9E6F-605881790815}"; ClientId=PRHSVIWKYUDISQLQPQ
<?xml version="1.0"?>
<q:Envelope
xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types"
xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages"
xmlns:q="http://schemas.xmlsoap.org/soap/envelope/">
<q:Header>
<ex12t:RequestServerVersion Version="Exchange2012"></ex12t:RequestServerVersion>
</q:Header>
<q:Body>
<ex12m:GetClientAccessToken>
<ex12m:TokenRequests>
<ex12t:TokenRequest>
<ex12t:Id>214c1212-e3ff-45eb-9218-2deb35d6b8b9</ex12t:Id>
<ex12t:TokenType>ScopedToken</ex12t:TokenType>
<ex12t:Scope>ParentItemId:AAMkADRiMzkyMjhmLWQ1NGItNDY0Mi04Nzk0LWYyNzMzZWQ2ZGE5MABGAAAAAAApHj7qoKF1QY4+pcwfu7uCBwCHPrayw2+bT5ByF4j5Y8QZAAAAAAEMAACHPrayw2+bT5ByF4j5Y8QZAAAAAAFxAAA=</ex12t:Scope>
</ex12t:TokenRequest>
</ex12m:TokenRequests>
</ex12m:GetClientAccessToken>
</q:Body>
</q:Envelope>
RESPONSE (some names have been replaced with something generic).
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/8.5
request-id: 1a7cbf79-8ba3-4a73-bfa2-1733d841b2b1
X-CalculatedBETarget: <server>.local
X-DiagInfo: <server>
X-BEServer: <server>
X-AspNet-Version: 4.0.30319
Set-Cookie: exchangecookie=2cd797c5290345a7861dfe60e16ecc12; expires=Thu, 29-Oct-2020 10:21:15 GMT; path=/; HttpOnly
Set-Cookie: X-BackEndCookie=S-1-5-21-2060358956-2462126529-2132206371-1263=u56Lnp2ejJqBmpzHns+cypzSncaZzdLLmprH0p3HxsvSm5yaycuazMieys/MgYHNz87G0s7O0s3Hq87Pxc3Oxc7K; expires=Thu, 28-Nov-2019 09:21:15 GMT; path=/ews; secure; HttpOnly
Persistent-Auth: true
X-Powered-By: ASP.NET
X-FEServer: <server>
Date: Tue, 29 Oct 2019 10:21:15 GMT
Content-Length: 1148
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope
xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<h:ServerVersionInfo MajorVersion="15" MinorVersion="0" MajorBuildNumber="1044" MinorBuildNumber="21" Version="V2_22"
xmlns:h="http://schemas.microsoft.com/exchange/services/2006/types"
xmlns="http://schemas.microsoft.com/exchange/services/2006/types"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
</s:Header>
<s:Body
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<m:GetClientAccessTokenResponse
xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages"
xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types">
<m:ResponseMessages>
<m:GetClientAccessTokenResponseMessage ResponseClass="Error">
<m:MessageText>The token for this extension could not be retrieved.</m:MessageText>
<m:ResponseCode>ErrorInvalidClientAccessTokenRequest</m:ResponseCode>
<m:DescriptiveLinkKey>0</m:DescriptiveLinkKey>
</m:GetClientAccessTokenResponseMessage>
</m:ResponseMessages>
</m:GetClientAccessTokenResponse>
</s:Body>
</s:Envelope>

Refreshed auth token not persisting

We seem to be encountering an issue where we are refreshing auth tokens via a fault as described in the "REFRESHING EXPIRED TOKENS USING A SOAP FAULT" section of the "Processing authentication tokens" page. Sonos is receiving the new token and using it to fulfill its original request, but is then reverting back to using the old token information.
We captured some traffic showing the problem and have been able to reproduce it several times.
First, Sonos makes a request using an expired token:
POST /soap HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Accept-Language: en-US
Host: <our_service>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/52.13-69030 (ICRU_iPhone11,8)
X-Sonos-Controller-ID: 02A4****
X-Sonos-Api-Key: 4348****
X-Sonos-Corr-Id: c27c47ca-50c7-4a45-8c77-12c6b6a4415c
SOAPACTION: "http://www.sonos.com/Services/1.1#getMetadata"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_service>
X-Original-URL: /soap
X-Forwarded-For: ****
X-ARR-SSL: ****
X-ARR-LOG-ID: 203a446d-76ec-498d-b72d-ad8e61a0611e
Content-Length: 803
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<loginToken>
<token>95ce****</token>
<key>{"Expires":"2019-09-24T18:33:58.7093084Z","RefreshToken":"ceaa****"}</key>
<householdId>Sonos_sIGui81Pzu6Jny5L0ELN0WnJsG</householdId>
</loginToken>
<deviceId>78-28-CA-03-DA-40:B</deviceId>
<deviceProvider>Sonos</deviceProvider>
</credentials>
</s:Header>
<s:Body>
<getMetadata xmlns="http://www.sonos.com/Services/1.1">
<id>root</id>
<index>0</index>
<count>100</count>
</getMetadata>
</s:Body>
</s:Envelope>
Our service recognizes the token as expired and refreshes it:
HTTP/1.1 500 Internal Server Error
Content-Type: text/xml; charset="utf-8"
Server: Microsoft-IIS/10.0
Date: Wed, 25 Sep 2019 13:45:39 GMT
Content-Length: 554
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode>Client.TokenRefreshRequired</faultcode>
<faultstring>Auth Token Refreshed</faultstring>
<detail>
<refreshAuthTokenResult xmlns="http://www.sonos.com/Services/1.1">
<authToken>d464****</authToken>
<privateKey>{"Expires":"2019-09-25T14:45:39.2925349Z","RefreshToken":"a0ab****"}</privateKey>
</refreshAuthTokenResult>
</detail>
</s:Fault>
</s:Body>
</s:Envelope>
Sonos receives the new token, and uses it to fulfill its original request:
POST /soap HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Accept-Language: en-US
Host: <our_service>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/52.13-69030 (ICRU_iPhone11,8)
X-Sonos-Controller-ID: 02A4****
X-Sonos-Api-Key: 4348****
X-Sonos-Corr-Id: 6f050fc0-027a-410c-8315-bf22486140a7
SOAPACTION: "http://www.sonos.com/Services/1.1#getMetadata"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_service>
X-Original-URL: /soap
X-Forwarded-For: ****
X-ARR-SSL: ****
X-ARR-LOG-ID: 745f02ac-60c7-440f-9c0c-620b73905b39
Content-Length: 803
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<loginToken>
<token>d464****</token>
<key>{"Expires":"2019-09-25T14:45:39.2925349Z","RefreshToken":"a0ab****"}</key>
<householdId>Sonos_sIGui81Pzu6Jny5L0ELN0WnJsG</householdId>
</loginToken>
<deviceId>78-28-CA-03-DA-40:B</deviceId>
<deviceProvider>Sonos</deviceProvider>
</credentials>
</s:Header>
<s:Body>
<getMetadata xmlns="http://www.sonos.com/Services/1.1">
<id>root</id>
<index>0</index>
<count>100</count>
</getMetadata>
</s:Body>
</s:Envelope>
The new token is good, so we respond with information:
HTTP/1.1 200 OK
Content-Type: text/xml; charset="utf-8"
Server: Microsoft-IIS/10.0
Date: Wed, 25 Sep 2019 13:45:41 GMT
Content-Length: 4408
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<getMetadataResponse xmlns="http://www.sonos.com/Services/1.1">
<getMetadataResult xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<index>0</index>
<count>1</count>
<total>1</total>
<mediaCollection>
DATA
</mediaCollection>
</getMetadataResult>
</getMetadataResponse>
</s:Body>
</s:Envelope>
Everything is working as expected that far. But then when Sonos tries to make another request, it's reverting to using the old authentication information:
POST /soap HTTP/1.1
Connection: Keep-Alive
Content-Type: text/xml; charset="utf-8"
Accept-Encoding: gzip
Host: <our_service>
Max-Forwards: 10
User-Agent: Linux UPnP/1.0 Sonos/52.13-69030 (ZPS13)
X-Sonos-Corr-Id: 813f189e-8a70-41c2-8aaa-c1b117f6045d
SOAPACTION: "http://www.sonos.com/Services/1.1#getMetadata"
X-FORWARDED-PROTO: https
X-FORWARDED-PORT: 443
X-ORIGINAL-HOST: <our_service>
X-Original-URL: /soap
X-Forwarded-For: ****
X-ARR-SSL: ****
X-ARR-LOG-ID: 1158ddfa-df17-4f37-8843-1133566dacbe
Content-Length: 855
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<credentials xmlns="http://www.sonos.com/Services/1.1">
<deviceId>78-28-CA-03-DA-40:B</deviceId>
<deviceProvider>Sonos</deviceProvider>
<loginToken>
<token>95ce****</token>
<key>{"Expires":"2019-09-24T18:33:58.7093084Z","RefreshToken":"ceaa****"}</key>
<householdId>Sonos_sIGui81Pzu6Jny5L0ELN0WnJsG</householdId>
</loginToken>
</credentials>
<context xmlns="http://www.sonos.com/Services/1.1">
<timeZone>-4:00</timeZone>
</context>
</s:Header>
<s:Body>
<getMetadata xmlns="http://www.sonos.com/Services/1.1">
<id>audiobook:18789269:791128</id>
<index>0</index>
<count>2147483647</count>
<recursive>1</recursive>
</getMetadata>
</s:Body>
</s:Envelope>
That token is still expired, and that refresh token has now been used already and discarded, so we respond saying the user must re-authenticate:
HTTP/1.1 500 Internal Server Error
Content-Type: text/xml; charset="utf-8"
Server: Microsoft-IIS/10.0
Date: Wed, 25 Sep 2019 13:45:43 GMT
Content-Length: 213
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode>Client.AuthTokenExpired</faultcode>
<faultstring>Error refreshing auth token</faultstring>
</s:Fault>
</s:Body>
</s:Envelope>
We're not sure what's going wrong, as Sonos appears to be recognizing our refresh response and uses the new information the first time. Is there something we need to do differently?
The first request comes from the Sonos app (indicated by ICRU_iPhone11,8 in the user-agent). Your service sends new credentials to the app and the app updates them and makes a request with them.
The next request is from a Sonos player in the household (ZPS13 in the user-agent). The Sonos player does not have the new authentication information as the Sonos app does not replicate new credentials to the players. In this case, you should handle multiple token refreshes using the same refresh token. Once the player receives new credentials, it propagates them to other players and apps.
If the first request had come from a Sonos player, the player would event out new credentials to other players and apps.
I'll update the Processing Authentication Tokens for API Requests documentation with this information.

WSO2 Identity Server: SOAP Services failing to update user claim values after first time

I have been using WSO2 IS 5.3.0. I am using SOAP service of RemoteUserStoreManagerService. Operation is setUserClaimValues. This is used to update value of failed login attempts by user. However, this service calls work only for the first time and then it does not work until wso2 restarted. The SOAP service does not return any error though any time.
When I hit it through SOAP-UI, I get following response with blank body.
HTTP/1.1 202 Accepted
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 22 Mar 2017 21:03:16 GMT
Server: WSO2 Carbon Server
SOAP Request for setting value
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ser="http://service.ws.um.carbon.wso2.org" xmlns:xsd="http://common.mgt.user.carbon.wso2.org/xsd">
<soap:Header/>
<soap:Body>
<ser:setUserClaimValues>
<!--Optional:-->
<ser:userName>superadmin03</ser:userName>
<ser:claims>
<!--Optional:-->
<xsd:claimURI>http://wso2.org/claims/identity/failedLoginAttempts</xsd:claimURI>
<!--Optional:-->
<xsd:value>2</xsd:value>
</ser:claims>
</ser:setUserClaimValues>
</soap:Body>
</soap:Envelope>
SOAP Response for getting value
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ser="http://service.ws.um.carbon.wso2.org">
<soap:Header/>
<soap:Body>
<ser:getUserClaimValues>
<!--Optional:-->
<ser:userName>superadmin03</ser:userName>
</ser:getUserClaimValues>
</soap:Body>
</soap:Envelope>
When I call getUserClaimValues for same attribute, it does not show me new value but same old value.
I am trying to update value for http://wso2.org/claims/identity/failedLoginAttempts
Here's what I found in logs in WSO2 though SOAP service does not return any faults.
[2017-03-22 16:03:20,012] WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - Illegal access attempt at [2017-03-22 16:03:20,0012] from IP address 127.0.0.1 while trying to authenticate access to service RemoteUserStoreManagerService
Any help is very much appreciated!
Regards,
Sagar Shah
It looks like you have enabled both identityMgtEventListeners in identity.xml file.
Either
org.wso2.carbon.identity.mgt.IdentityMgtEventListener
or
org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener
Should be enabled at once.
Thanks
Isura.
I have a issue where the user's FailedLoginAttempt is not getting reset to 0 after one successful login action.

WSO2 AuthenticationAdmin Logout

I am working with version 4.1.0 of the WSO2 Identity Server. I have used the WSO2 AuthenticationAdmin services (localhost:9443/services/AuthenticationAdmin) to login, check authenticator, etc. There is also an operation for 'logout'.
When soapUI generates the logout request, it does not contain any noteworthy elements, as is confirmed by the schema (xsd) with the namespace http://authentication.services.core.carbon.wso2.org. The SOAP request body is as follows.
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:aut="http://authentication.services.core.carbon.wso2.org">
<soap:Header/>
<soap:Body>
<aut:logout/>
</soap:Body>
</soap:Envelope>
When sending a request, the RAW response is as follows.
HTTP/1.1 202 Accepted
Date: Wed, 26 Jun 2013 08:29:48 GMT
Server: WSO2 Carbon Server
Content-Type: text/xml;charset=UTF-8
Set-Cookie: JSESSIONID=94784CC9FC03E9FA3822CFDDAD0D36F6; Path=/; Secure; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
First of all, do I think there is no SOAP message in the response. Also, the HTTP status is 202, which means that the request is accepted for processing, but the processing has not yet been completed.
How do I logout with this service?
What elements should be added to the < aut:logout > ?
Should a JSESSIONID be added to the header of the request?
How can this logout be combined with the loginWithRememberMeOption ?
------- UPDATE
After reviewing the xsd I saw that a wsa:action must be added to the SOAP Header. After doing this, I received the following reply. This reply asks for a MessageID. But I am not sure what this value should be.
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsa:Action>http://www.w3.org/2005/08/addressing/fault</wsa:Action>
</soapenv:Header>
<soapenv:Body>
<soapenv:Fault>
<soapenv:Code>
<soapenv:Value>soapenv:Sender</soapenv:Value>
<soapenv:Subcode>
<soapenv:Value xmlns:wsa="http://www.w3.org/2005/08/addressing">wsa:MessageAddressingHeaderRequired</soapenv:Value>
</soapenv:Subcode>
</soapenv:Code>
<soapenv:Reason>
<soapenv:Text xml:lang="en-US">A required header representing a Message Addressing Property is not present</soapenv:Text>
</soapenv:Reason>
<soapenv:Detail>
<wsa:ProblemHeaderQName xmlns:wsa="http://www.w3.org/2005/08/addressing">wsa:MessageID</wsa:ProblemHeaderQName>
</soapenv:Detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
When adding a generated MessageID, the is once again an empty SOAP reply with a HTTP 202 status.
The logout method just invalidates the session.
You just call the logout operation as it is from the soapUI. There are no parameters to it.
If you look at the AuthenticationAdmin WSDL, you can see that there is no output for logout operation. That's why you get HTTP 202 status code.
You can view the WSDL by changing <HideAdminServiceWSDLs> configuration to false in carbon.xml (/repository/conf/carbon.xml)
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Type following in your browser to view the WSDL.
https://:9443/services/AuthenticationAdmin?wsdl
I hope this helps!

WCF Callbacks on Remote Computers within Same Network

I have a WCF client & service, where service (which is hosted inside a console app) calls back to client using ever so standard WSDualHttpBinding with WSDualHttpSecurityMode.None. It's all fine and dandy when hosted on a local machine, but as soon as I move service to a computer other than my local machine (but on the same network), client cannot connect to the service anymore.
MEX is working fine, I can get hold of WSDL and all that. After capturing outbound traffic with Fiddler, here's what I got:
POST /chinchillin HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Host: 192.168.0.98:8080
Content-Length: 916
Expect: 100-continue
Connection: Keep-Alive
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence</a:Action>
<a:MessageID>urn:uuid:aa317faa-f32e-4cbc-a6a3-5fdbc9f80fe6</a:MessageID>
<a:ReplyTo>
<a:Address>http://agogolev.ad.alponline.ru/Temporary_Listen_Addresses/f423a1ae-573a-4c14-9a64-c4ed26fc6366/3069625c-d37a-4de2-8f92-e078b51f01d5</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">http://192.168.0.98:8080/chinchillin</a:To>
</s:Header>
<s:Body>
<CreateSequence xmlns="http://schemas.xmlsoap.org/ws/2005/02/rm">
<AcksTo>
<a:Address>http://agogolev.ad.alponline.ru/Temporary_Listen_Addresses/f423a1ae-573a-4c14-9a64-c4ed26fc6366/3069625c-d37a-4de2-8f92-e078b51f01d5</a:Address>
</AcksTo>
<Offer>
<Identifier>urn:uuid:7d198ab8-4fed-4f62-a76b-6e2ae2a13dda</Identifier>
</Offer>
</CreateSequence>
</s:Body>
</s:Envelope>
HTTP/1.1 202 Accepted
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 08 Feb 2010 08:41:48 GMT
I tried turning off firewalls on both machines, registered URL ACL with netsh -c http add urlacl url=http://+:8080/chinchillin user=domain\user. None of this helped.
How can I get callbacks to work in this scenario?
Got it figured. The server I moved the service part of my app to was not inside an AD domain and could not resolve http://agogolev.ad.alponline.ru.