I'm trying to work with some third party web services that
handle authentication through values passed as SOAP headers. I know
that there have been some issues in previous versions of CF in
getting/setting SOAP headers, but my problem seems to be in the
processing CF itself is doing. I have code that looks like this:
<cftry>
<cfset ws.Authenticate(userName = "un", password =
"pw")>
<cfcatch>
<cfdump var="#CFCatch#" expand="no">
</cfcatch>
</cftry>
<pre><cfoutput>#HTMLEditFormat(getSOAPResponse(ws))#</cfoutput></pre>
This generates (and catches) an Axis fault exception:
faultCode: {
http://schemas.xmlsoap.org/soap/envelope/}MustUnderstand
faultSubcode:
faultString: Did not understand "MustUnderstand"
header(s):
faultActor:
faultNode:
faultDetail:
{
http://xml.apache.org/axis/}stackTrace:
at
org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)
...
From the output, though, I can see that there is a valid
response coming back, and it looks like this:
<soap:Envelope xmlns:soap="
http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="
http://www.w3.org/2001/XMLSchema"
xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance">
<soap:Header><AuthorizationToken
soap:mustUnderstand="1" xmlns="
http://www.avectra.com/2005/"><Token>{some
GUID}</Token></AuthorizationToken></soap:Header>
<soap:Body><AuthenticateResponse xmlns="
http://www.avectra.com/2005/"/></soap:Body>
</soap:Envelope>
The obvious conclusion is that CF just doesn't handle
response headers with mustUnderstand set, or that there's an
underlying Axis bug (but I suspect the former). Obviously, I can
work around this by catching exceptions, and processing the
response by hand, but it'd be really nice not to have to.
Is there something I can do on my end to prevent this? Maybe
an underlying Java method on the webservice object? Am I just
missing something in my relative inexperience with SOAP?