SOAP headers versus HTTP headers

Question

I am working on a program using web services and for that I need to wrap some data as headers for the message.

I want to ask if it is equivalent to place this data as SOAP headers or as HTTP headers?

Answer 1

The SOAP headers contain application specific information related to the SOAP message. They typically contain routing information, authentication information, transaction semantics etc. These are specific to the SOAP message and are independent of the transport that SOAP uses (in the scope of this post: HTTP).

HTTP headers define the operating parameters of the HTTP transaction, like the content type of what's getting transmitted, the content length of it, cache directives for clients or proxies etc. These are specific to HTTP and are independent on what actually gets transmitted with HTTP (in this case the SOAP XML).

You could, of course, use both HTTP headers or SOAP headers to provide application specific information about the SOAP message. The SOAPAction HTTP header was a move in this direction for SOAP 1.1. Although it was useful for servers to efficiently route the messages without the need to look inside the SOAP XML (sometimes impossible if the message is encrypted and only the final receiver knows how to decrypt it) it mostly caused confusion and was later removed in SOAP 1.2 (and in its place is an optional action parameter on the application/soap+xml media type, which again is a value in the HTTP headers... oh well... :D).

As a conclusion, SOAP headers and HTTP headers are not the same. Although to some extent you might substitute SOAP headers with user defined custom HTTP headers, it is most of the times a bad idea.

If the data is for the web service then it should be placed inside the SOAP headers. HTTP headers usually stop at the web server while the SOAP message in it's entirety will be passed downstream to the ultimate receiver who needs the data (maybe even passing through more intermediaries who they might also need it).