Friday, January 24, 2014

More EBS-EDT errors

@YaronNaveh

In my recent post I have discussed some of the basic errors you may get when trying to consume EBS-EDT with WCF. Here are some more errors you should be aware of:

Error 1:

policy rejected

If the server returns the above error it typically means that you have issues with some values of elements of your request. Either you are using an older WSDL version, or you have given wrong values in some of the fields (e.g. auditID). This might also be related to using a mix of authenticaiton formats (MSA and IDP) instead of just using one of them and setting the other to null.

Error 2:

The algorithm 'http://www.w3.org/2000/09/xmldsig#sha1' is not accepted for operation 'Digest' by algorithm suite Basic128Sha256Rsa15

or:

The algorithm 'http://www.w3.org/2000/09/xmldsig#sha256' is not accepted for operation 'Digest' by algorithm suite Basic128Rsa15

This error is thrown by WCF when it tries to validate the response signature. This happens because the signature uses a mix of SHA1 and SHA256 hash algorithms. There is nothing you can do to make WCF accept this. What you should do is implement a custom encoder (which you probably do anyway if you have read my last post) and in the encoder validate the signature by yourself and then remove it from the SOAP.
EDIT: Dwayne McKnight has commented that there is a way around a custom encoder.

@YaronNaveh

What's next? get this blog rss updates or register for mail updates!

2 comments:

Dwayne McKnight said...

Thanks for your blog it helped me solved some of the issue I had. I was able to solve Error 2 using Custom SecurityPolicyAssertion, see my post at http://stackoverflow.com/questions/20569219/the-algorithm-http-www-w3-org-2001-04-xmldsig-morersa-sha256-is-not-accepte

Yaron Naveh (MVP) said...

Thanks Dwayne - great to know that, I will add this to the post.