Forums - C# Corner

Forum guidelines
Jim McCafferty

Jim McCafferty

  • 1.5k
  • 3
  • 305

Easy way to disable the mustUnderstand attribute?

Nov 7 2016 6:16 AM
Hi,
 
I've implemented a console app which transmits information to a Java SOAP service, using certificate signing (but no encryption). With message level security, the service is complaining specifically about the mustUnderstand attribute on the security header.
 
I following the Microsoft example of implementing a Custom Message Text Encoder - in the write message function I converted the message to a string, performed a replace on MustUnderstand=1 to MustUnderstand=0 and converted the message back to a byte array.
 
The console application is currently transmitting about 80% of the messages, but occasionally security faults are being thrown. At the Write Message stage, the certificate has already signed the message, and I'm wondering if the MustUnderstand change is invalidating the signature. Also, the Service Admin have noticed there are a variable number of null characters after the Soap envelope (these are present in both successful and failing messages).
 
I initially tried modifying the message using a SOAP inspector implementation, but at that stage the security header had not been constructed. I have also implemented an asymmetric security binding element class. Is there a way to specific the mustunderstand attribute in here?
 
Thanks in advance
Jim 
 
 
 

Answers (2)