Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

SOAP headers versus HTTP headers

I am working on a program using web services and for that I need to wrap some data as headers for the message.

I want to ask if it is equivalent to place this data as SOAP headers or as HTTP headers?

like image 381
rogue lad Avatar asked Jul 12 '12 05:07

rogue lad


People also ask

What is a SOAP header?

The SOAP <Header> is an optional element in a SOAP message. It is used to pass application-related information that is to be processed by SOAP nodes along the message path. The immediate child elements of the <Header> element are called header blocks.

How do I pass HTTP header in SOAP request?

Add(new InspectorBehavior()); that's it, now each SOAP call will be equipped with custom HTTP header "HEADER_WHICH_WE_WANT" with value "Actual Value we want" we specified in our code.

What is the difference between an HTTP header and an HTTP body?

A HTTP body (request) body is the one which carries actual HTTP request data (including form data and uploaded etc.) and HTTP response data from the server ( including files, images etc). While HTTP Request header header can't not contain actual data like as above.


1 Answers

The SOAP headers contain application specific information related to the SOAP message. They typically contain routing information, authentication information, transaction semantics etc. These are specific to the SOAP message and are independent of the transport that SOAP uses (in the scope of this post: HTTP).

HTTP headers define the operating parameters of the HTTP transaction, like the content type of what's getting transmitted, the content length of it, cache directives for clients or proxies etc. These are specific to HTTP and are independent on what actually gets transmitted with HTTP (in this case the SOAP XML).

You could, of course, use both HTTP headers or SOAP headers to provide application specific information about the SOAP message. The SOAPAction HTTP header was a move in this direction for SOAP 1.1. Although it was useful for servers to efficiently route the messages without the need to look inside the SOAP XML (sometimes impossible if the message is encrypted and only the final receiver knows how to decrypt it) it mostly caused confusion and was later removed in SOAP 1.2 (and in its place is an optional action parameter on the application/soap+xml media type, which again is a value in the HTTP headers... oh well... :D).

As a conclusion, SOAP headers and HTTP headers are not the same. Although to some extent you might substitute SOAP headers with user defined custom HTTP headers, it is most of the times a bad idea.

If the data is for the web service then it should be placed inside the SOAP headers. HTTP headers usually stop at the web server while the SOAP message in it's entirety will be passed downstream to the ultimate receiver who needs the data (maybe even passing through more intermediaries who they might also need it).

like image 137
Bogdan Avatar answered Sep 19 '22 13:09

Bogdan