Forum Discussion

gpub's avatar
gpub
Occasional Visitor
2 years ago

Getting InvalidSecurity error with Must Understand as None

Hi Team, 

I am unable to resolve this issue 

Try basic Call, Tried execute with below WS- options 

Must Understand = None, 

Must Understand = True, 

Must Understand = False 

 

Response i get 

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</faultcode>
<faultstring xml:lang="en-GB">An error occurred when verifying security for the message.</faultstring>
</s:Fault>
</s:Body>
</s:Envelope>
Spoiler
 

 

  • barto's avatar
    barto
    New Contributor

    gpub Can you compare the raw request done on older readyAPI version vs the one on the newer one? For my companies API the new version of readyAPI wasn't sending in the mandatory values in the WS-Security header attributes. I have followed the documentation here to get them set up in their new structure and our requests are working again after the changes. For us we needed to have must understand: 1, nonce and a username and password so I just added the Username attrbute to the Outbound WS-Security config.