Question

我在Java（Spring）中编写了一个WebService Client，它生成以下SOAP消息

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" SOAP-ENV:mustUnderstand="1">
            <wsse:UsernameToken wsu:Id="UsernameToken-636BB26257F688077A14836055821331">
                <wsse:Username>
                    <!-- Removed-->
                </wsse:Username>
                <wsse:Password>
                    <!-- Removed-->
                </wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
        <To SOAP-ENV:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://fi422helswb035/invoicewstest/ProblematicInvoiceWebService.svc/externalpartnerInvoiceWebService</To>
        <Action SOAP-ENV:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://invoice.externalpartner.com/WebServices/IexternalpartnerInvoiceWebService/GetInvoices</Action>
    </SOAP-ENV:Header>
    <SOAP-ENV:Body>
        <ns4:GetInvoices xmlns:ns2="http://schemas.datacontract.org/2004/07/externalpartner.Invoice.Web.Service.Interfaces.Types" xmlns:ns3="http://schemas.datacontract.org/2004/07/externalpartner.Invoice.Web.Service.Interfaces" xmlns:ns4="https://invoice.externalpartner.com/WebServices/" xmlns:ns5="http://schemas.microsoft.com/2003/10/Serialization/" xmlns:ns6="http://schemas.datacontract.org/2004/07/externalpartner.Invoice.Web.Service.Exceptions">
            <customerNumber xmlns="https://invoice.externalpartner.com/WebServices">10134</customerNumber>
        </ns4:GetInvoices>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

此消息在服务器端被拒绝，出现500错误。我可以使用SOAP-UI调用服务;以下消息（由SOAP UI生成）

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="https://invoice.externalpartner.com/WebServices/">
<soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:UsernameToken wsu:Id="UsernameToken-134751B2732DA1D93F148360576695534">
            <wsse:Username>
                <!-- Removed-->
            </wsse:Username>
            <wsse:Password>
                <!-- Removed-->
            </wsse:Password>
            <wsse:Nonce>
                <!-- Removed-->
            </wsse:Nonce>
            <wsu:Created>2017-01-05T08:42:46.955Z</wsu:Created>
        </wsse:UsernameToken>
    </wsse:Security>
    <To soapenv:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://fi422helswb035/invoicewstest/ProblematicInvoiceWebService.svc/externalpartnerInvoiceWebService</To>
    <Action soapenv:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://invoice.externalpartner.com/WebServices/IexternalpartnerInvoiceWebService/GetInvoices</Action>
</soapenv:Header>
<soapenv:Body>
    <web:GetInvoices>
        <!-- Optional:-->
        <web:customerNumber>10134</web:customerNumber>
    </web:GetInvoices>
</soapenv:Body>
</soapenv:Envelope>

我能发现的真正区别是接受消息中的前端名称空间声明。 Web命名空间在Envelope元素中声明 - 在我拒绝的请求中，它在元素本身中声明。

显然还缺少一个nonce并创建了元素，但根据Oasis标准，这些并不是强制性的。

问题是; SOAP规范是否规定了命名空间声明的位置？我最好的猜测是被拒绝的SOAP消息是完全有效的，并且这里存在服务器端问题......

SOAP消息中NameSpace声明的位置

0 个答案: