WS-Addressing Test Cases

Introduction

SOAP 1.2 One-Way Message Exchange with Invalid [Action] Value

SOAP 1.2 Two-Way Message Exchange with a Non-Anonymous [ReplyTo] Address

SOAP 1.2 Two-Way Message Exchange with Invalid [Action] Value

SOAP 1.2 Two-Way Message Exchange with Fault and a Non-Anonymous [FaultTo] Address

SOAP 1.2 Two-Way Secure Message Exchange with Anonymous [ReplyTo] Address

SOAP 1.2 Two-Way Secure Message Exchange with Non-Anonymous [ReplyTo] Address

Introduction

This document proposes a set of additional test cases for the W3C Candidate Recommendations for WS-Addressing 1.0 – Core (http://www.w3.org/TR/2005/CR-ws-addr-core-20050817/) and WS-Addressing 1.0 – SOAP Binding (http://www.w3.org/TR/2005/CR-ws-addr-soap-20050817/).

SOAP 1.2 One-Way Message Exchange with Invalid [Action] Value

This scenario tests a one-way message exchange with an [Action] that is not supported by the service.

Message Exchange

  1. Client sends a SOAP message to the Server in a POST request
  2. Server sends an HTTP 202 to the Client

Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/BadAction |
| MessageID | Optional | Value: A URI that is unique for each ping request |
| To | Yes | Value: The URI of the Service |
| Security | No | |
| Body | Yes | Value: An element containing a client-defined string |

HTTP Request:

<s:Envelope
    xmlns:s="http://www.w3.org/2003/05/soap-envelope"
    xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/BadAction</a:Action>
        <a:To>http://example.com/InteropService/Ping</a:To>
    </s:Header>
    <s:Body>
        <Ping xmlns="http://example.com/">
            <Ping>Hello</Ping>
        </Ping>
    </s:Body>
</s:Envelope>

HTTP Response: HTTP 202 Accepted

SOAP 1.2 Two-Way Message Exchange with a Non-Anonymous [ReplyTo] Address

This scenario tests a two-way message exchange with an address in the [ReplyTo] that is not the anonymous address.

Message Exchange

  1. Client sends a SOAP request message to the Server in a POST request
  2. Server sends an HTTP 202 Accepted to the Client
  3. Server sends a SOAP response message to the Client in a POST request
  4. Client sends an HTTP 202 Accepted to the Server

Request Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoString |
| ReplyTo | Yes | |
| ReplyTo\Address | Yes | Value: The URI of the endpoint expecting the response |
| ReplyTo\ReferenceParameters | No | |
| ReplyTo\Extensions | Optional | Implementations are encouraged to include elements and attributes that leverage the open content model of the EndpointReference. Services should correctly handle EndpointReferences that include custom elements and attributes. |
| ReplyTo\Metadata | Optional | Implementations MAY include a Metadata element in the ReplyTo header. |
| MessageID | Yes | Value: A URI that is unique for each message |
| To | Yes | Value: The URI of the Service |
| Security | No | |
| Body | Yes | Value: An element containing a client-defined string |

HTTP Request (Client to Service):

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/EchoString</a:Action>
        <a:MessageID>urn:uuid:b00f7130-9e03-47e9-bb2b-e54bb2d04355</a:MessageID>
        <a:ReplyTo>
            <a:Address>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:Address>
        </a:ReplyTo>
        <a:To>http://example.com/InteropService/Echo</a:To>
    </s:Header>
    <s:Body>
        <EchoString xmlns="http://example.com/">
            <EchoString>echo</EchoString>
        </EchoString>
    </s:Body>
</s:Envelope>

HTTP Response: HTTP 202 Accepted

Response Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoStringResponse |
| RelatesTo | Yes | Value: The MessageID specified in the request message |
| RelatesTo\@RelationshipType | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/reply |
| MessageID | Optional | Value: A URI that is unique for each message |
| To | Yes | Value: The URI passed into ReplyTo\Address |
| Security | No | |
| Body | Yes | Value: An element containing the string from the body of the request message |

HTTP Request (Service to Client):

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/EchoStringResponse</a:Action>
        <a:RelatesTo>urn:uuid:b00f7130-9e03-47e9-bb2b-e54bb2d04355</a:RelatesTo>
        <a:To>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:To>
    </s:Header>
    <s:Body>
        <EchoStringResponse xmlns="http://example.com/">
            <EchoStringResult>echo</EchoStringResult>
        </EchoStringResponse>
    </s:Body>
</s:Envelope>

HTTP Response: HTTP 202 Accepted
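
The response table above can be checked mechanically against the request it answers. The following Python checker is an added example, not part of the original test suite; the function names are hypothetical, the two messages are this scenario's samples with their bodies trimmed, and the reference-parameter check goes beyond this scenario to cover the echo required in the two secure scenarios.

```python
import xml.etree.ElementTree as ET

# Namespace URIs exactly as they appear in this page's sample messages.
NS = {"s": "http://www.w3.org/2003/05/soap-envelope",
      "a": "http://schemas.xmlsoap.org/ws/2005/08/addressing"}
REPLY = "http://www.w3.org/2005/08/addressing/reply"
IS_REF_PARAM = "{%s}IsReferenceParameter" % NS["a"]
EXPECTED_ACTION = "http://example.com/ServicePortType/EchoStringResponse"

# Request and response of this scenario, bodies trimmed for brevity.
REQUEST = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/EchoString</a:Action>
    <a:MessageID>urn:uuid:b00f7130-9e03-47e9-bb2b-e54bb2d04355</a:MessageID>
    <a:ReplyTo><a:Address>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:Address></a:ReplyTo>
    <a:To>http://example.com/InteropService/Echo</a:To>
  </s:Header>
  <s:Body/>
</s:Envelope>"""

RESPONSE = """<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/EchoStringResponse</a:Action>
    <a:RelatesTo>urn:uuid:b00f7130-9e03-47e9-bb2b-e54bb2d04355</a:RelatesTo>
    <a:To>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:To>
  </s:Header>
  <s:Body/>
</s:Envelope>"""


def text_of(root, path):
    """Whitespace-trimmed text of the first element at path, or None."""
    el = root.find(path, NS)
    return el.text.strip() if el is not None and el.text else None


def check_reply(request_xml, response_xml, expected_action):
    """Return the list of table violations; an empty list means the reply conforms."""
    req, resp = ET.fromstring(request_xml), ET.fromstring(response_xml)
    problems = []

    if text_of(resp, "s:Header/a:Action") != expected_action:
        problems.append("Action is not the expected response action")

    # RelatesTo must carry the request MessageID; RelationshipType is optional
    # but, if present, must be the reply relationship.
    relates = resp.find("s:Header/a:RelatesTo", NS)
    if relates is None or (relates.text or "").strip() != text_of(req, "s:Header/a:MessageID"):
        problems.append("RelatesTo does not carry the request MessageID")
    elif relates.get("RelationshipType", REPLY) != REPLY:
        problems.append("RelationshipType is present but is not the reply URI")

    if text_of(resp, "s:Header/a:To") != text_of(req, "s:Header/a:ReplyTo/a:Address"):
        problems.append("To is not the ReplyTo\\Address from the request")

    # Each reference parameter of the ReplyTo must come back as a header
    # flagged with a:IsReferenceParameter (secure scenarios on this page).
    headers = resp.findall("s:Header/*", NS)
    for param in req.findall("s:Header/a:ReplyTo/a:ReferenceParameters/*", NS):
        echoed = any(h.tag == param.tag
                     and (h.text or "").strip() == (param.text or "").strip()
                     and h.get(IS_REF_PARAM) in ("true", "1")
                     for h in headers)
        if not echoed:
            problems.append("reference parameter %s was not echoed as a header"
                            % param.tag.split("}")[-1])
    return problems


if __name__ == "__main__":
    print(check_reply(REQUEST, RESPONSE, EXPECTED_ACTION) or "reply conforms")
```

The checker treats To as required, as this scenario's table does; the secure scenarios mark it optional.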

SOAP 1.2 Two-Way Message Exchange with Invalid [Action] Value

This scenario tests a two-way message exchange with an [Action] that is not supported by the service.  The server will respond with an Action Not Supported fault.

Message Exchange

  1. Client sends a SOAP message to the Server in a POST request
  2. Server sends an HTTP 500 response with a fault message to the Client

Request Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/BadAction |
| ReplyTo | Optional | If present, it MUST contain an a:Address element of http://www.w3.org/2005/08/addressing/anonymous. |
| MessageID | Yes | Value: A URI that is unique for each message |
| To | Yes | Value: The URI of the Service |
| FaultTo | No | |
| Security | No | |
| Body | Yes | Value: An element containing a client-defined string |

HTTP Request:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/BadAction</a:Action>
        <a:MessageID>urn:uuid:bf121bf2-38b7-4910-b8a3-f8ca65437e33</a:MessageID>
        <a:ReplyTo>
            <a:Address>http://schemas.xmlsoap.org/ws/2005/08/addressing/anonymous</a:Address>
        </a:ReplyTo>
        <a:To>http://example.com/InteropService/Echo</a:To>
    </s:Header>
    <s:Body>
        <EchoString xmlns="http://example.com/">
            <EchoString>echo</EchoString>
        </EchoString>
    </s:Body>
</s:Envelope>

Response Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://www.w3.org/2005/08/addressing/fault |
| RelatesTo | Yes | Value: The MessageID specified in the request message |
| RelatesTo\@RelationshipType | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/reply |
| MessageID | Optional | Value: A URI that is unique for each message |
| To | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/anonymous |
| Security | No | |
| Body | Yes | Value: A SOAP fault with the following values: [Code] a QName representing the value S:Sender; [Subcode] a QName representing the value a:ActionNotSupported; [Reason] the string: "The [action] cannot be processed at the receiver"; [Details] a <a:ProblemAction> element with a <a:Action> child element |

HTTP Response:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/fault</a:Action>
        <a:RelatesTo>urn:uuid:bf121bf2-38b7-4910-b8a3-f8ca65437e33</a:RelatesTo>
        <a:To>http://schemas.xmlsoap.org/ws/2005/08/addressing/anonymous</a:To>
    </s:Header>
    <s:Body>
      <s:Fault>
        <s:Code>
          <s:Value>s:Sender</s:Value>
          <s:Subcode>
            <s:Value>a:ActionNotSupported</s:Value>
          </s:Subcode>
        </s:Code>
        <s:Reason>
          <s:Text xml:lang="en">The [action] cannot be processed at the receiver</s:Text>
        </s:Reason>
        <s:Detail>
          <a:ProblemAction>
            <a:Action>
              http://example.com/ServicePortType/BadAction
            </a:Action>
          </a:ProblemAction>
        </s:Detail>
      </s:Fault>
    </s:Body>
</s:Envelope>

SOAP 1.2 Two-Way Message Exchange with Fault and a Non-Anonymous [FaultTo] Address

This scenario tests a two-way message exchange where the service generates a fault and the request has a non-anonymous [FaultTo].

Message Exchange

  1. Client sends a SOAP message to the Server in a POST request
  2. Server sends HTTP 202 to Client
  3. Server sends a fault to the [FaultTo] endpoint in a POST request
  4. Client sends HTTP 202 to Server

Request Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoString |
| ReplyTo | Yes | |
| ReplyTo\Address | Yes | Value: The URI of the endpoint expecting the response |
| ReplyTo\ReferenceParameters | No | |
| FaultTo | Yes | |
| FaultTo\Address | Yes | Value: The URI of the endpoint expecting faults |
| FaultTo\ReferenceParameters | No | |
| MessageID | Optional | Value: A URI that is unique for each message |
| To | Yes | Value: The URI of the Service |
| Security | No | |
| Body | Yes | Value: An element containing a client-defined string |

HTTP Request (Client to Service):

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/EchoString</a:Action>
        <a:MessageID>urn:uuid:bf121bf2-38b7-4910-b8a3-f8ca65437e33</a:MessageID>
        <a:ReplyTo>
            <a:Address>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:Address>
        </a:ReplyTo>
        <a:FaultTo>
            <a:Address>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:Address>
        </a:FaultTo>
        <a:To>http://example.com/InteropService/Echo</a:To>
    </s:Header>
    <s:Body>
        <EchoString xmlns="http://example.com/">
            <EchoString>echo</EchoString>
        </EchoString>
    </s:Body>
</s:Envelope>

HTTP Response: HTTP 202 Accepted

Response Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoFault |
| RelatesTo | Yes | Value: The MessageID specified in the request message |
| RelatesTo\@RelationshipType | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/reply |
| MessageID | Yes | Value: A URI that is unique for each message |
| To | Yes | Value: The URI passed in the FaultTo\Address |
| Security | No | |
| Body | Yes | Value: A SOAP Fault |

HTTP Request (Service to Client):

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing">
    <s:Header>
        <a:Action s:mustUnderstand="1">http://example.com/ServicePortType/EchoFault</a:Action>
        <a:RelatesTo>urn:uuid:bf121bf2-38b7-4910-b8a3-f8ca65437e33</a:RelatesTo>
        <a:To>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:To>
    </s:Header>
    <s:Body>
      <s:Fault>
        <s:Code>
          <s:Value>s:Sender</s:Value>
        </s:Code>
        <s:Reason>
          <s:Text xml:lang="en">There was an error</s:Text>
        </s:Reason>
        <s:Detail>
            <!-- Some Detail -->
        </s:Detail>
      </s:Fault>
    </s:Body>
</s:Envelope>

HTTP Response: HTTP 202 Accepted

SOAP 1.2 Two-Way Secure Message Exchange with Anonymous [ReplyTo] Address

This scenario tests a two-way message exchange where both request and response must be signed and encrypted.  In this scenario, the requester uses an anonymous [ReplyTo].

Message Exchange

  1. Client sends a signed and encrypted request message to the Server in a POST request
  2. Server sends an HTTP 200 response with a signed and encrypted response message to Client

Request Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoString |
| ReplyTo | Yes | |
| ReplyTo\Address | Yes | Value: http://www.w3.org/2005/08/addressing/anonymous |
| ReplyTo\ReferenceParameters | Yes | <rp1:CustomerID xmlns:rp1="http://example.com/RP/Headers">12</rp1:CustomerID> |
| MessageID | Yes | Value: A URI that is unique for each message |
| To | Yes | Value: The URI of the Service |
| Security | Yes | Value: A security header containing u:TimeStamp, s:BinarySecurityToken, s:EncryptedKey with encrypted symmetric key used to encrypt the content of the Body, Signature over Address Headers, TimeStamp, and Body. |
| Body | Yes | Value: An element containing a client-defined string |

HTTP Request:

<s:Envelope
  xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing"
  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header>
    <a:Action u:Id="_0" s:mustUnderstand="1">
      http://example.com/ServicePortType/EchoString
    </a:Action>
    <a:MessageID u:Id="_1">
      urn:uuid:ad6bb0e4-d83d-4600-ad15-244e291b1af6
    </a:MessageID>
    <a:ReplyTo u:Id="_2">
      <a:Address>
        http://schemas.xmlsoap.org/ws/2005/08/addressing/anonymous
      </a:Address>
      <a:ReferenceParameters>
        <rp1:CustomerID xmlns:rp1="http://example.com/RP/Headers">
          12
        </rp1:CustomerID>
      </a:ReferenceParameters>
    </a:ReplyTo>
    <a:To u:Id="_3">
      http://localhost/pdcmtom/svc/service.svc/SecureMtom
    </a:To>
    <o:Security s:mustUnderstand="1"
      xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <u:Timestamp u:Id="uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-5">
        <u:Created>2005-09-27T14:53:37.172Z</u:Created>
        <u:Expires>2005-09-27T14:58:37.172Z</u:Expires>
      </u:Timestamp>
      <o:BinarySecurityToken
        u:Id="uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-2"
        ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
          <!-- Base64 encoded client’s X509 cert -->
      </o:BinarySecurityToken>
      <e:EncryptedKey u:Id="_5"
        xmlns:e="http://www.w3.org/2001/04/xmlenc#">
        <e:EncryptionMethod
          Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <o:SecurityTokenReference>
            <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</o:KeyIdentifier>
          </o:SecurityTokenReference>
        </KeyInfo>
        <e:CipherData>
          <e:CipherValue>DmuXbdY5n8VE/5d5DlYkhwadFlrK3krae1OGrFxzVXQCryB5LeBIp9Vu1aMsBFCpDanvG+2+ybxB0sXymHFv1te0FO98IV/oadVlXmHiJW0uxVRlllODipiaRRqtNxVRPf1cvg1fi4vDvJY+UGd3IiR8EIIlv9Zx5/kKmwtkRSA=</e:CipherValue>
        </e:CipherData>
        <e:ReferenceList>
          <e:DataReference URI="#_6" />
        </e:ReferenceList>
      </e:EncryptedKey>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <CanonicalizationMethod
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
          <SignatureMethod
            Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
          <Reference
            URI="#uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-5">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
              Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>aS+FDYG4LKrNyntSHbGc+HxqPh8=</DigestValue>
          </Reference>
          <Reference URI="#_0">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
              Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>p3pOg4BZw8kZsN+jonJj+cHH6oE=</DigestValue>
          </Reference>
          <Reference URI="#_1">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
              Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>LFzaXjZ+FUftSK3qsIvc34XKUzU=</DigestValue>
          </Reference>
          <Reference URI="#_2">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>aF7hmVRuE93WcW8oz8jWiwtcwNo=</DigestValue>
          </Reference>
          <Reference URI="#_3">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>LHRBiHSTFuO3ZZ4+VzWjes6Pxwo=</DigestValue>
          </Reference>
          <Reference URI="#_4">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>4Jivry4hy7EH7UDjrLPEjMWWF5s=</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>Tav8Vri1u9h1zrinCbBpOazkr442bwgSHm2flZb+z2b0741MSDchrCPQvdCnRmvf9GxrLK16MC1wjRz3SjZqTrCWozAwDXQIbOoaAEau1Xi3jNQUGQ6LJ/8uFJBFnmSPn9fZm1btPZSmt/MfoNiWpaT5YdxqQTDFaFGm1v4Sa+I=</SignatureValue>
        <KeyInfo>
          <o:SecurityTokenReference>
            <o:Reference URI="#uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-2" />
          </o:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </o:Security>
  </s:Header>
  <s:Body>
    <e:EncryptedData u:Id="_6"
      Type="http://www.w3.org/2001/04/xmlenc#Content"
      xmlns:e="http://www.w3.org/2001/04/xmlenc#">
      <e:EncryptionMethod
        Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
      <e:CipherData>
        <e:CipherValue>
          <!-- encrypted content of the Body
            <EchoString xmlns="http://example.com/">
              <EchoString>echo</EchoString>
            </EchoString>
          -->
        </e:CipherValue>
      </e:CipherData>
    </e:EncryptedData>
  </s:Body>
</s:Envelope>

Response Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoStringResponse |
| RelatesTo | Yes | Value: The MessageID specified in the request message |
| RelatesTo\@RelationshipType | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/reply |
| MessageID | Optional | Value: A URI that is unique for each message |
| To | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/anonymous |
| Reference Parameter Headers | Yes | <rp1:CustomerID a:IsReferenceParameter="true" xmlns:rp1="http://example.com/RP/Headers">12</rp1:CustomerID> |
| Security | Yes | Value: Security header containing u:TimeStamp, s:BinarySecurityToken, s:EncryptedKey with encrypted symmetric key used to encrypt the content of the Body, Signature over addressing headers, reference parameter header, TimeStamp, Body. |
| Body | Yes | Value: enc:EncryptedData with encrypted content of the response Body |

HTTP Response:

<s:Envelope
  xmlns:s="http://www.w3.org/2003/05/soap-envelope"
  xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing"
  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <s:Header>
      <a:Action u:Id="_0" s:mustUnderstand="1">http://example.com/ServicePortType/EchoStringResponse</a:Action>
      <a:RelatesTo u:Id="_1">urn:uuid:ad6bb0e4-d83d-4600-ad15-244e291b1af6</a:RelatesTo>
      <a:To u:Id="_2">http://schemas.xmlsoap.org/ws/2005/08/addressing/anonymous</a:To>
      <rp1:CustomerID a:IsReferenceParameter="1"
        u:Id="_3" xmlns:rp1="http://example.com/RP/Headers">
        12
      </rp1:CustomerID>
      <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
        <e:EncryptedKey u:Id="_4" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
          <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <o:SecurityTokenReference>
              <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</o:KeyIdentifier>
            </o:SecurityTokenReference>
          </KeyInfo>
          <e:CipherData>
            <e:CipherValue>c/N3gV8hnvMV7gTkRPO5fm2aJRaGLSzC4z3nbZf6XpyUIZx925u5OG59SgqToyFgwLq3d8xg6FEPW+k2D98jYAzU5wiVov2gaJJFtGQ1puggTjxQ0iP81la1ouDvQLbx9wJRYeluE743sO0V/lp3895Rsr6CsURMkAmUQwXBU/k=</e:CipherValue>
          </e:CipherData>
          <e:ReferenceList>
            <e:DataReference URI="#_5" />
          </e:ReferenceList>
        </e:EncryptedKey>
        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
          <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
            <Reference URI="#uuid-137b1cf1-a094-41ca-bc08-04290cd1db0d-8">
              <Transforms>
                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
              </Transforms>
              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
              <DigestValue>yfFxAukMbZ0ZBUPYqZrm6oLzLVw=</DigestValue>
            </Reference>
            <Reference URI="#_0">
              <Transforms>
                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
              </Transforms>
              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
              <DigestValue>43F9sURORzByIJd8VamgAMAhiFk=</DigestValue>
            </Reference>
            <Reference URI="#_1">
              <Transforms>
                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
              </Transforms>
              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
              <DigestValue>ZtF0YtOyigSi9E1t5oG3YoC7rO8=</DigestValue>
            </Reference>
            <Reference URI="#_2">
              <Transforms>
                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
              </Transforms>
              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
              <DigestValue>Anbw+ul9b/IbbJsE2uYuwsvYKk0=</DigestValue>
            </Reference>
            <Reference URI="#_3">
              <Transforms>
                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
              </Transforms>
              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
              <DigestValue>jNWPUSDVJNtSAzccjkaPTBCI1Fs=</DigestValue>
            </Reference>
            <Reference URI="#_4">
              <Transforms>
                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
              </Transforms>
              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
              <DigestValue>jNFGHJFDBCI1Fs=</DigestValue>
            </Reference>
          </SignedInfo>
          <SignatureValue>lll3ZF5RoW4iEyB/eMVDMYD1OuWBr5DGt9Tp8qRP7JcsPkACTXjh8wflBMBmX/jaYBFZqD6OdHWui8omUAjRKbLi9VeoQXnLMCElZjwBDmrx6yTIQBrGjuwyAWZFkZU9IVf66klZZZGZ2eJWPhk2idyBykbD4SU9oIcE+yaNUqw=</SignatureValue>
          <KeyInfo>
            <o:SecurityTokenReference>
              <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</o:KeyIdentifier>
            </o:SecurityTokenReference>
          </KeyInfo>
        </Signature>
        <u:Timestamp u:Id="uuid-137b1cf1-a094-41ca-bc08-04290cd1db0d-8">
          <u:Created>2005-09-27T14:53:39.106Z</u:Created>
          <u:Expires>2005-09-27T14:58:39.106Z</u:Expires>
        </u:Timestamp>
      </o:Security>
    </s:Header>
    <s:Body>
      <e:EncryptedData u:Id="_5" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:e="http://www.w3.org/2001/04/xmlenc#">
        <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
        <e:CipherData>
          <e:CipherValue>
              <!-- Encrypted content of the Body
              <EchoStringResponse xmlns="http://example.com/">
                  <EchoStringResult>echo</EchoStringResult>
              </EchoStringResponse>
              -->
          </e:CipherValue>
        </e:CipherData>
      </e:EncryptedData>
    </s:Body>
</s:Envelope>

SOAP 1.2 Two-Way Secure Message Exchange with Non-Anonymous [ReplyTo] Address

This scenario tests a two-way message exchange where both request and response must be signed and encrypted.  In this scenario, the requester uses a non-anonymous [ReplyTo].

Message Exchange

  1. Client sends a signed and encrypted request message to the Server in a POST request
  2. Server sends an HTTP 200 response with a signed and encrypted response message to Client

Request Message Structure

Elements and Attributes:

| Name | Present? | Comments |
| --- | --- | --- |
| Action | Yes | Value: http://example.com/ServicePortType/EchoString |
| ReplyTo | Yes | |
| ReplyTo\Address | Yes | Value: The URI of the endpoint expecting the response |
| ReplyTo\ReferenceParameters | Yes | <rp1:CustomerID xmlns:rp1="http://example.com/RP/Headers">12</rp1:CustomerID> |
| MessageID | Yes | Value: A URI that is unique for each message |
| To | Yes | Value: The URI of the Service |
| Security | Yes | Value: A security header containing u:TimeStamp, s:BinarySecurityToken, s:EncryptedKey with encrypted symmetric key used to encrypt the content of the Body, Signature over Address Headers, TimeStamp, and Body. |
| Body | Yes | Value: An element containing a client-defined string |

HTTP Request:

<s:Envelope
  xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing"
  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header>
    <a:Action u:Id="_0" s:mustUnderstand="1">
      http://example.com/ServicePortType/EchoString
    </a:Action>
    <a:MessageID u:Id="_1">
      urn:uuid:ad6bb0e4-d83d-4600-ad15-244e291b1af6
    </a:MessageID>
    <a:ReplyTo u:Id="_2">
      <a:Address>http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:Address>
      <a:ReferenceParameters>
        <rp1:CustomerID xmlns:rp1="http://example.com/RP/Headers">
          12
        </rp1:CustomerID>
      </a:ReferenceParameters>
    </a:ReplyTo>
    <a:To u:Id="_3">
      http://localhost/pdcmtom/svc/service.svc/SecureMtom
    </a:To>
    <o:Security s:mustUnderstand="1"
      xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <u:Timestamp u:Id="uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-5">
        <u:Created>2005-09-27T14:53:37.172Z</u:Created>
        <u:Expires>2005-09-27T14:58:37.172Z</u:Expires>
      </u:Timestamp>
      <o:BinarySecurityToken
        u:Id="uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-2"
        ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
          <!-- Base64 encoded client’s X509 cert -->
      </o:BinarySecurityToken>
      <e:EncryptedKey u:Id="_5"
        xmlns:e="http://www.w3.org/2001/04/xmlenc#">
        <e:EncryptionMethod
          Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <o:SecurityTokenReference>
            <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</o:KeyIdentifier>
          </o:SecurityTokenReference>
        </KeyInfo>
        <e:CipherData>
          <e:CipherValue>DmuXbdY5n8VE/5d5DlYkhwadFlrK3krae1OGrFxzVXQCryB5LeBIp9Vu1aMsBFCpDanvG+2+ybxB0sXymHFv1te0FO98IV/oadVlXmHiJW0uxVRlllODipiaRRqtNxVRPf1cvg1fi4vDvJY+UGd3IiR8EIIlv9Zx5/kKmwtkRSA=</e:CipherValue>
        </e:CipherData>
        <e:ReferenceList>
          <e:DataReference URI="#_6" />
        </e:ReferenceList>
      </e:EncryptedKey>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
          <CanonicalizationMethod
            Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
          <SignatureMethod
            Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
          <Reference
            URI="#uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-5">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
              Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>aS+FDYG4LKrNyntSHbGc+HxqPh8=</DigestValue>
          </Reference>
          <Reference URI="#_0">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
              Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>p3pOg4BZw8kZsN+jonJj+cHH6oE=</DigestValue>
          </Reference>
          <Reference URI="#_1">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod
              Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>LFzaXjZ+FUftSK3qsIvc34XKUzU=</DigestValue>
          </Reference>
          <Reference URI="#_2">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>aF7hmVRuE93WcW8oz8jWiwtcwNo=</DigestValue>
          </Reference>
          <Reference URI="#_3">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>LHRBiHSTFuO3ZZ4+VzWjes6Pxwo=</DigestValue>
          </Reference>
          <Reference URI="#_4">
            <Transforms>
              <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </Transforms>
            <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <DigestValue>4Jivry4hy7EH7UDjrLPEjMWWF5s=</DigestValue>
          </Reference>
        </SignedInfo>
        <SignatureValue>Tav8Vri1u9h1zrinCbBpOazkr442bwgSHm2flZb+z2b0741MSDchrCPQvdCnRmvf9GxrLK16MC1wjRz3SjZqTrCWozAwDXQIbOoaAEau1Xi3jNQUGQ6LJ/8uFJBFnmSPn9fZm1btPZSmt/MfoNiWpaT5YdxqQTDFaFGm1v4Sa+I=</SignatureValue>
        <KeyInfo>
          <o:SecurityTokenReference>
            <o:Reference URI="#uuid-553de6ca-99d7-4c1d-9d69-38fef21c75f8-2" />
          </o:SecurityTokenReference>
        </KeyInfo>
      </Signature>
    </o:Security>
  </s:Header>
  <s:Body>
    <e:EncryptedData u:Id="_6"
      Type="http://www.w3.org/2001/04/xmlenc#Content"
      xmlns:e="http://www.w3.org/2001/04/xmlenc#">
      <e:EncryptionMethod
        Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
      <e:CipherData>
        <e:CipherValue>
          <!-- encrypted content of the Body
            <EchoString xmlns="http://example.com/">
              <EchoString>echo</EchoString>
            </EchoString>
          -->
        </e:CipherValue>
      </e:CipherData>
    </e:EncryptedData>
  </s:Body>
</s:Envelope>

Response Message Structure

Elements and Attributes:

| Name | Present? | Comments |
|---|---|---|
| Action | Yes | Value: http://example.com/ServicePortType/EchoStringResponse |
| RelatesTo | Yes | Value: The MessageID specified in the request message |
| @RelationshipType | Optional | If present, it MUST contain the value: http://www.w3.org/2005/08/addressing/reply |
| MessageID | Optional | Value: A URI that is unique for each message |
| To | Optional | Value: The URI passed into ReplyTo\Address |
| Reference Parameter Headers | Yes | <rp1:CustomerID a:IsReferenceParameter="true" xmlns:rp1="http://example.com/RP/Headers">12</rp1:CustomerID> |
| Security | Yes | Value: Security header containing u:TimeStamp, s:BinarySecurityToken, s:EncryptedKey with encrypted symmetric key used to encrypt the content of the Body, Signature over addressing headers, reference parameter header, TimeStamp, Body. |
| Body | Yes | Value: enc:EncryptedData with encrypted content of the response Body |

HTTP Response:

<s:Envelope

  xmlns:s="http://www.w3.org/2003/05/soap-envelope"

  xmlns:a="http://schemas.xmlsoap.org/ws/2005/08/addressing"

  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">

    <s:Header>

      <a:Action u:Id="_0" s:mustUnderstand="1">

        http://example.com/ServicePortType/EchoStringResponse

      </a:Action>

      <a:RelatesTo u:Id="_1">

        urn:uuid:ad6bb0e4-d83d-4600-ad15-244e291b1af6

      </a:RelatesTo>

      <a:To u:Id="_2">http://example.com/5bab2987-4f3c-40ba-8702-0d3af7b48fa6</a:To>

      <rp1:CustomerID a:IsReferenceParameter="1"

        u:Id="_3" xmlns:rp1="http://example.com/RP/Headers">

        12

      </rp1:CustomerID> 

      <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

        <e:EncryptedKey u:Id="_4" xmlns:e="http://www.w3.org/2001/04/xmlenc#">

          <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />

          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

            <o:SecurityTokenReference>

              <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</o:KeyIdentifier>

            </o:SecurityTokenReference>

          </KeyInfo>

          <e:CipherData>

            <e:CipherValue>c/N3gV8hnvMV7gTkRPO5fm2aJRaGLSzC4z3nbZf6XpyUIZx925u5OG59SgqToyFgwLq3d8xg6FEPW+k2D98jYAzU5wiVov2gaJJFtGQ1puggTjxQ0iP81la1ouDvQLbx9wJRYeluE743sO0V/lp3895Rsr6CsURMkAmUQwXBU/k=</e:CipherValue>

          </e:CipherData>

          <e:ReferenceList>

            <e:DataReference URI="#_5" />

          </e:ReferenceList>

        </e:EncryptedKey>

        <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">

          <SignedInfo>

            <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

            <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />

            <Reference URI="#uuid-137b1cf1-a094-41ca-bc08-04290cd1db0d-8">

              <Transforms>

                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

              </Transforms>

              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

              <DigestValue>yfFxAukMbZ0ZBUPYqZrm6oLzLVw=</DigestValue>

            </Reference>

            <Reference URI="#_0">

              <Transforms>

                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

              </Transforms>

              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

              <DigestValue>43F9sURORzByIJd8VamgAMAhiFk=</DigestValue>

            </Reference>

            <Reference URI="#_1">

              <Transforms>

                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

              </Transforms>

              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

              <DigestValue>ZtF0YtOyigSi9E1t5oG3YoC7rO8=</DigestValue>

            </Reference>

            <Reference URI="#_2">

              <Transforms>

                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

              </Transforms>

              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

              <DigestValue>Anbw+ul9b/IbbJsE2uYuwsvYKk0=</DigestValue>

            </Reference>

            <Reference URI="#_3">

              <Transforms>

                <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

              </Transforms>

              <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

              <DigestValue>jNWPUSDVJNtSAzccjkaPTBCI1Fs=</DigestValue>

            </Reference>

            <Reference URI="#_4">

                <Transforms>

                    <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

                </Transforms>

                <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

                <DigestValue>jNFGHJFDBCI1Fs=</DigestValue>

            </Reference>

          </SignedInfo>

          <SignatureValue>lll3ZF5RoW4iEyB/eMVDMYD1OuWBr5DGt9Tp8qRP7JcsPkACTXjh8wflBMBmX/jaYBFZqD6OdHWui8omUAjRKbLi9VeoQXnLMCElZjwBDmrx6yTIQBrGjuwyAWZFkZU9IVf66klZZZGZ2eJWPhk2idyBykbD4SU9oIcE+yaNUqw=</SignatureValue>

          <KeyInfo>

            <o:SecurityTokenReference>

              <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</o:KeyIdentifier>

            </o:SecurityTokenReference>

          </KeyInfo>

        </Signature>

        <u:Timestamp u:Id="uuid-137b1cf1-a094-41ca-bc08-04290cd1db0d-8">

          <u:Created>2005-09-27T14:53:39.106Z</u:Created>

          <u:Expires>2005-09-27T14:58:39.106Z</u:Expires>

        </u:Timestamp>

      </o:Security>

    </s:Header>

    <s:Body>

      <e:EncryptedData u:Id="_5" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:e="http://www.w3.org/2001/04/xmlenc#">

        <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />

        <e:CipherData>

          <e:CipherValue>

              <!-- Encrypted content of the Body             

              <EchoStringResponse xmlns="http://example.com/">

                  <EchoStringResult>echo</EchoStringResult>

              </EchoStringResponse>

              -->

          </e:CipherValue>

        </e:CipherData>

      </e:EncryptedData>

    </s:Body>

  </s:Envelope>
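The Security row of the response table requires the signature to cover the addressing headers, the reference parameter header, the Timestamp and the Body. The following is an added example, not part of the original test suite, of a receiver-side check that resolves each Reference URI in SignedInfo to a u:Id and reports required parts left unsigned. The helper names `sample` and `unsigned_parts`, the `ts` Id and the reduced envelope are assumptions constructed for illustration; the check covers references only and does not verify digests or the signature value.

```python
import xml.etree.ElementTree as ET

NS = {
    "s": "http://www.w3.org/2003/05/soap-envelope",
    "a": "http://schemas.xmlsoap.org/ws/2005/08/addressing",
    "u": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "o": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
U_ID = "{%s}Id" % NS["u"]
IS_REF_PARAM = "{%s}IsReferenceParameter" % NS["a"]

# Constructed, reduced envelope (not a captured message): digests, keys and
# ciphertext are omitted because only reference coverage is examined here.
TEMPLATE = """<s:Envelope xmlns:s="%(s)s" xmlns:a="%(a)s" xmlns:u="%(u)s"
    xmlns:o="%(o)s" xmlns:ds="%(ds)s" xmlns:rp1="http://example.com/RP/Headers">
  <s:Header>
    <a:Action u:Id="_0">http://example.com/ServicePortType/EchoStringResponse</a:Action>
    <a:RelatesTo u:Id="_1">urn:uuid:ad6bb0e4-d83d-4600-ad15-244e291b1af6</a:RelatesTo>
    <a:To u:Id="_2">http://example.com/reply</a:To>
    <rp1:CustomerID a:IsReferenceParameter="1" u:Id="_3">12</rp1:CustomerID>
    <o:Security>
      <ds:Signature><ds:SignedInfo>%(refs)s</ds:SignedInfo></ds:Signature>
      <u:Timestamp u:Id="ts"/>
    </o:Security>
  </s:Header>
  <s:Body%(body)s/>
</s:Envelope>"""

def sample(signed_ids, body_id=None):
    """Build the constructed envelope with the given Reference URIs and Body Id."""
    refs = "".join('<ds:Reference URI="#%s"/>' % i for i in signed_ids)
    body = ' u:Id="%s"' % body_id if body_id else ""
    return TEMPLATE % dict(NS, refs=refs, body=body)

def unsigned_parts(envelope_xml):
    """Return local names of required parts that no ds:Reference points at."""
    root = ET.fromstring(envelope_xml)
    ids = [el.get(U_ID) for el in root.iter() if el.get(U_ID) is not None]
    if len(ids) != len(set(ids)):
        raise ValueError("duplicate u:Id values make the references ambiguous")
    signed = {r.get("URI", "").lstrip("#")
              for r in root.iterfind(".//ds:SignedInfo/ds:Reference", NS)}
    header = root.find("s:Header", NS)
    required = [el for n in ("Action", "RelatesTo", "To") for el in header.findall("a:" + n, NS)]
    required += [el for el in header if el.get(IS_REF_PARAM) in ("1", "true")]
    required += header.findall("o:Security/u:Timestamp", NS)
    required.append(root.find("s:Body", NS))
    return [el.tag.split("}")[1] for el in required if el.get(U_ID) not in signed]
```

For untrusted input, parse with a hardened parser such as defusedxml; the standard library parser is used here only to keep the example dependency-free.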