We developed a WCF4 service with usernameToken authentication, which is consumed by the Java / Axis client (we do not control).
I see that the body of the incoming request looks like this ...
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wss:Security xmlns:wss="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wss:UsernameToken>
<wss:Username>username</wss:Username>
<wss:Password>password</wss:Password>
</wss:UsernameToken>
</wss:Security>
</soapenv:Header>
<soapenv:Body>
{snipped}
</soapenv:Body>
</soapenv:Envelope>
and the answer we return looks like this ...
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2012-05-02T01:23:12.711Z</u:Created>
<u:Expires>2012-05-02T01:28:12.711Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
{snipped}
</s:Body>
</s:Envelope>
The problem is the s: mustUnderstand = "1" attribute in the response. This causes a "Must Understanding check failed" error in the Java / Axis client.
Does anyone know how to configure WCF to remove this s: mustUnderstand attribute, or at least set it to "0" instead of "1"?
source
share