7 Replies Latest reply on Jul 24, 2006 11:52 PM by BKBK

    SOAP response problem

      I'm trying to work with some third party web services that handle authentication through values passed as SOAP headers. I know that there have been some issues in previous versions of CF in getting/setting SOAP headers, but my problem seems to be in the processing CF itself is doing. I have code that looks like this:

        <cfset ws.Authenticate(userName = "un", password = "pw")>
        <cfdump var="#CFCatch#" expand="no">

      This generates (and catches) an Axis fault exception:

       faultCode: { http://schemas.xmlsoap.org/soap/envelope/}MustUnderstand
       faultString: Did not understand "MustUnderstand" header(s):
      { http://xml.apache.org/axis/}stackTrace:
      at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:96)

      From the output, though, I can see that there is a valid response coming back, and it looks like this:

      <soap:Envelope xmlns:soap=" http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd=" http://www.w3.org/2001/XMLSchema" xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance">
      <soap:Header><AuthorizationToken soap:mustUnderstand="1" xmlns=" http://www.avectra.com/2005/"><Token>{some GUID}</Token></AuthorizationToken></soap:Header>
      <soap:Body><AuthenticateResponse xmlns=" http://www.avectra.com/2005/"/></soap:Body>

      The obvious conclusion is that CF just doesn't handle response headers with mustUnderstand set, or that there's an underlying Axis bug (but I suspect the former). Obviously, I can work around this by catching exceptions, and processing the response by hand, but it'd be really nice not to have to.

      Is there something I can do on my end to prevent this? Maybe an underlying Java method on the webservice object? Am I just missing something in my relative inexperience with SOAP?
        • 1. Re: SOAP response problem
          Sixten Level 1
          So, is no one consuming services that do this, or is it just not a problem for anyone else?
          • 2. SOAP response problem
            Sixten Level 1
            All right. Clearly not much other experience with this.

            I was able to confirm, with a simple CFC (see below), that the issue really is the mustUnderstand attribute on the response header. If I set that in my CFC, the test page invoking its method throws the SOAP fault in my original post. If I pass false to AddSOAPResponseHeader(), the test page handles the response just fine.

            • 3. Re: SOAP response problem
              BKBK Adobe Community Professional & MVP
              Any changes if you include a namespace, thus:

              • 4. SOAP response problem
                Sixten Level 1

                Originally posted by: BKBK
                Any changes if you include a namespace, thus:

                Well, we don't have any control over the web service itself (which is a third party we're working with, and whose product is already in use all over the place). But I can tell you that for the very simple example CFC I posted above (which I've simplified just a tad more), the raw SOAP response looks like this (note that there is a namespace, as in your example):
                • 5. Re: SOAP response problem
                  BKBK Adobe Community Professional & MVP
                  I actually meant in the request

                  addSOAPRequestHeader(ws, " http://www.avectra.com/2005/", "AuthorizationToken", "<Token>{some GUID}</Token>", true);

                  Please forgive any corruption; just rolled this out off the top.

                  • 6. Re: SOAP response problem
                    Sixten Level 1
                    I'm not sure I understand what you're suggesting. In neither of the examples I've presented (the first one, culled from actual code, or the second reduced example) does the service expect any request headers. The problem comes when the service I'm consuming sends me back a response with some header where mustUnderstand="1".

                    How would setting namespaces on request headers affect that?
                    • 7. Re: SOAP response problem
                      BKBK Adobe Community Professional & MVP
                      My thinking is that there is no harm sending the web service a header that it is included as a standard in its response. If you get a clash or an error, then you will know there is probably something wrong with the header.

                      Coldfusion may handle

                      <myNS:AuthorizationToken soap:mustUnderstand="1" xmlns:myNS=" http://www.avectra.com/2005/">
                      <Token>{some GUID}</Token>

                      better than it does

                      <AuthorizationToken soap:mustUnderstand="1" xmlns=" http://www.avectra.com/2005/">
                      <Token>{some GUID}</Token>

                      I still wonder whether the latter is correct SOAP. However, please take my suggestion for what it is, an informed guess, since we're searching in the dark.