Share this page
Protecting custom headers
When an operation uses SOAP headers, VuGen does not automatically sign or encrypt them. To incorporate a protection scheme such as a signature or encryption, you must manually add the following information to the scenario's configuration file (.stss) in the behavior element:
-
soapAction of the relevant operation
-
The header XML name and namespace
-
The protection level
The following example shows an outgoing message with the soapAction, http://mySoapAction. The XML element header1 from namespace http://myServiceNamespace is encrypted and signed. The header2 element from the same namespace is only signed.
<protocols ...>
...
<behaviors>
<contractBehaviors>
<behavior>
<channelProtectionBehavior>
<protectionRequirements action="http://mySoapAction">
<incomingEncryptionParts>
<header localName="header1" namespace="http://myServiceNamespace" />
</incomingEncryptionParts>
<incomingSignatureParts>
<header localName="header1" namespace=" http://myServiceNamespace " />
<header localName="header2" namespace=" http://myServiceNamespace " />
</incomingSignatureParts>
</protectionRequirements>
</channelProtectionBehavior>
</behavior>
</contractBehaviors>
</behaviors>
</protocols>
