Hi all,
I’ve implemented an WebService in webMethods. When it is called by another system (Apache-AXIS) I gent the error:
SOAPException: [ISS.0088.9117] One or more header entries were not understood by the SOAP processor
I know they are sending WSSSL-/Security-Info in the header.
Any chance to get more information / to switch off the processing of that header parts / to continue without exception?
If the default IS soap processor receives a soap request that contains header entries that have a “SOAP-ENV:MustUnderstand” attribute set to “1” or “true”, it will correctly generate the error message you are seeing.
In essence, your Axis client is saying here’s a soap request, but in order to process it you MUST understand how to deal with this soap header. Per the SOAP spec, soap processors must reject messages that contain header elements that they don’t understand with a soap fault when the MustUnderstand attribute is present and set to “true”.
I think you have two options:
Modify the Axis soap client to either not send the soap header or send the header but without the MustUnderstand attribute or with the attribute set to a value of “false”
Create a custom soap processor that will process the supplied soap header as required by the client.
Hi Mark,
thanks for that reply, I’ll try the 2nd option, because that’s in my hand, I cannot change the clients to not send the “MustUnderstand”.
Regards
Rolf
I assume your organization created the web service. If so, you created its interface (input / output signature) and perhaps a WSDL file that describes that in web services terms. You also set the security model according to the needs of your application presumably in compliance with your organization’s security policies.
Assuming the above is true, you control what represents a valid request for the service you are providing not the consumer.
Now perhaps the consumer is an internal one who is following your orgnaization’s web services security policy more closely than your application is at this moment. In that case, I would accept that you need to handle the existing request differently to correctly process the header they are sending and requiring you to understand.