locked
I get 400 when talking to WSMAN service with Negotiate Authorization RRS feed

  • Question

  • Hi, 

    I have been trying to integrate with WSMAN from a custom client that I wrote. Have been struggling with it as it gives a 400 Bad Request error when sending the encrypted body. Without the body, I get 200 OK, it is when I send the first message to WSMAN, I get the error. On the windows machine, I could see that it gives an decryption error. I am not sure how to proceed with debugging as a lot of the keys & everything is negotiated & randomly generated. Will be happy to share code or traces with a rep.

    Thanks,

    Srinath

    Saturday, August 12, 2017 6:08 AM

Answers

  • Edgar, 

    To answer your question, I am doing b) & d). I finally figured that the issue was with using the same rc4 cipher instance for both sealing the sign & sealing the body of the wsmv message. I used different rc4 cipher instances using the exact same key. I found that it doesn't work. Changing this to use the same instance of rc4 instance for both sealing the sign & sealing the body fixes the problem.

    Thanks,

    Srinath

    • Marked as answer by Srinath GS Sunday, August 13, 2017 3:49 PM
    Sunday, August 13, 2017 3:49 PM
  • Hi Srinath,

    We are glad that you have worked out the API details. Indeed, signing and sealing apply to the current authenticated context. Thank you again for confirming resolution.

    Thanks,

    Edgar

    Sunday, August 13, 2017 5:42 PM

All replies

  • Hi Srinath,
    This forum handles requests related to Open Specifications documentation issues. The Open Specifications can be found at: http://msdn2.microsoft.com/en-us/library/cc203350.aspx. 

    When you say "custom client": a) are you implementing your client using Windows API or b) are you implementing your client on a non-Windows platform?
    If the answer is b): c) are you using a third-party API or d) are you implementing MS-WSMV specification? (http://msdn.microsoft.com/en-us/library/cc251526.aspx)
    Otherwise, what specification are you implementing?
    We need a bit of detail on your client to better evaluate your request.
     
    Thanks,
    Edgar
    Saturday, August 12, 2017 5:35 PM
  • Edgar, 

    To answer your question, I am doing b) & d). I finally figured that the issue was with using the same rc4 cipher instance for both sealing the sign & sealing the body of the wsmv message. I used different rc4 cipher instances using the exact same key. I found that it doesn't work. Changing this to use the same instance of rc4 instance for both sealing the sign & sealing the body fixes the problem.

    Thanks,

    Srinath

    • Marked as answer by Srinath GS Sunday, August 13, 2017 3:49 PM
    Sunday, August 13, 2017 3:49 PM
  • Hi Srinath,

    We are glad that you have worked out the API details. Indeed, signing and sealing apply to the current authenticated context. Thank you again for confirming resolution.

    Thanks,

    Edgar

    Sunday, August 13, 2017 5:42 PM