handling mustUnderstand attribute

Started by José V., January 31, 2022, 04:10:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

José V.

January 31, 2022, 04:10:48 PM
We are implementing server side WS-Security headers with usernametoken.

while testing soapUI uses the attribute soapenv:mustUnderstand="1" as default on the request element wsse:Security element.
This triggers a -22 error thrown by com.WebServicesEngine with the detail:
SOAP header not understood
Modify your server code to handle the mustUnderstand attribute. Use the incoming request handler

We are handling the Ws-Security header tags but the mustUnderstand attribute implies that the server must, in some way, report that it is in fact handling that header, as shown here:
https://docs.oracle.com/cd/E19159-01/819-3669/bnbil/index.html

Most frameworks have some simple way of handling this: http://christophd.github.io/blog/soap-mustunderstand/

How can we handle this attribute in Genero?

Frank G.

#1
February 22, 2022, 03:58:56 PM
Hi,

Maybe the documentation about how to handle WS-Security with Genero can help. Take a look here : https://4js.com/online_documentation/fjs-fgl-manual-html/#fgl-topics/c_gws_ssl_security_how_to_001.html .

You will find in the Web Service Demo, an example called WSSecurityMessage with a set of BDL helper functions to manage Soap WS Security Headers. Take a look in the securityHelper.4gl file.

Frank

José V.

#2
March 10, 2022, 06:14:06 PM
After analysis of the demo code i've come to the conclusion that the attribute must be dealt via the input handler function and manually setting the attribute to 0(or false for soap 1.2).
This way the serializer no longer complains.

Thank you for the help!
Print
Go Up Pages1
User actions