
SOAP WS-Addressing MessageId header is always required when receiving message using Addressing10 (http://www.w3.org/2005/08/addressing) #1427


Open
greenman18523 opened this issue Aug 8, 2024 · 3 comments
Labels
type: bug A general bug

@greenman18523

greenman18523 commented Aug 8, 2024

org.springframework.ws.soap.addressing.server.AddressingEndpointInterceptor creates the org.springframework.ws.soap.addressing.core.MessageAddressingProperties of the request using org.springframework.ws.soap.addressing.version.AddressingVersion.getMessageAddressingProperties(SoapMessage), and then checks if the required properties are present using org.springframework.ws.soap.addressing.version.AddressingVersion.hasRequiredProperties(MessageAddressingProperties).

getMessageAddressingProperties defaults replyTo and faultTo to anonymous (based on org.springframework.ws.soap.addressing.version.Addressing10.getDefaultReplyTo(EndpointReference)), thus when org.springframework.ws.soap.addressing.version.Addressing10.hasRequiredProperties(MessageAddressingProperties) is called the replyTo and faultTo are never null, but the code only checks if they are not null in order to require messageId.

The code should probably also check if they are anonymous (since anonymous URIs will result in a synchronous response, and not an out-of-band response) or the none address (since the reply will be discarded).

@snicoll snicoll added the status: waiting-for-triage An issue we've not yet triaged label Feb 19, 2025
@snicoll
Member

snicoll commented Apr 4, 2025

It looks like there's some digging required in b968d48 and how that evolved.

@greenman18523 can you please share a small test that represents the problem you've described? This would help make sure it doesn't happen again.

@snicoll snicoll added type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 4, 2025
@snicoll snicoll added this to the 4.0.x milestone Apr 4, 2025
@greenman18523
Author

Hello @snicoll,

Please check if these SOAP messages are good enough for adding to tests, or if you wish for some more data.

  1. Anonymous ReplyTo, without a MessageID; this should be handled and result in a synchronous response.
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <S:Header>
        <wsa:ReplyTo>
            <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
        </wsa:ReplyTo>
        <wsa:To>mailto:[email protected]</wsa:To>
        <wsa:Action>http://example.com/fabrikam/mail/Delete</wsa:Action>
    </S:Header>
    <S:Body>
        <f:Delete xmlns:f="http://example.com/fabrikam">
            <maxCount>42</maxCount>
        </f:Delete>
    </S:Body>
</S:Envelope>
  2. Missing ReplyTo element, without a MessageID; this should be handled and result in a synchronous response.
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <S:Header>
        <wsa:Action>http://example.com/fabrikam/mail/Delete</wsa:Action>
    </S:Header>
    <S:Body>
        <f:Delete xmlns:f="http://example.com/fabrikam">
            <f:maxCount>42</f:maxCount>
        </f:Delete>
    </S:Body>
</S:Envelope>
  3. None ReplyTo, without a MessageID; this should be handled and the response discarded.
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <S:Header>
        <wsa:ReplyTo>
            <wsa:Address>http://www.w3.org/2005/08/addressing/none</wsa:Address>
        </wsa:ReplyTo>
        <wsa:To>mailto:[email protected]</wsa:To>
        <wsa:Action>http://example.com/fabrikam/mail/Delete</wsa:Action>
    </S:Header>
    <S:Body>
        <f:Delete xmlns:f="http://example.com/fabrikam">
            <maxCount>42</maxCount>
        </f:Delete>
    </S:Body>
</S:Envelope>

@greenman18523
Author

greenman18523 commented Apr 4, 2025

A couple more considerations.
In the AddressingInterceptor10Test class there is a testNoTo() method, which is missing the @Test annotation.
Also, since this test is with a MessageID, the additional tests that require a response should assert that the reply does not have a RelatesTo,
e.g.

<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <env:Header>
        <wsa:MessageID>uid:1234</wsa:MessageID>
        <wsa:To>http://www.w3.org/2005/08/addressing/anonymous</wsa:To>
        <wsa:Action>urn:replyAction</wsa:Action>
    </env:Header>
    <env:Body/>
</env:Envelope>
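
The check discussed in this thread, modeled as a stand-alone Java program (an added example, not Spring-WS code and not written by either participant). The `Props` record, the method names and the callback address are hypothetical or constructed; the defaulting and the null test follow the description in the opening comment.

```java
import java.net.URI;

public class MessageIdRequirementDemo {
    static final URI ANONYMOUS = URI.create("http://www.w3.org/2005/08/addressing/anonymous");
    static final URI NONE = URI.create("http://www.w3.org/2005/08/addressing/none");

    /** Simplified request properties (hypothetical type); null means the header was absent. */
    record Props(URI replyTo, URI faultTo, URI messageId) {
        /** Models the defaulting described in the issue: absent ReplyTo/FaultTo become anonymous. */
        static Props parsed(URI replyTo, URI faultTo, URI messageId) {
            return new Props(replyTo != null ? replyTo : ANONYMOUS,
                    faultTo != null ? faultTo : ANONYMOUS, messageId);
        }
    }

    /** The check as reported: after defaulting, the null test is always true. */
    static boolean reportedCheck(Props p) {
        if (p.replyTo() != null || p.faultTo() != null) {
            return p.messageId() != null;
        }
        return true;
    }

    /** True only for an address that is neither anonymous (synchronous) nor none (discarded). */
    static boolean outOfBand(URI address) {
        return address != null && !ANONYMOUS.equals(address) && !NONE.equals(address);
    }

    /** The check as proposed: MessageID is required only for out-of-band replies or faults. */
    static boolean proposedCheck(Props p) {
        if (outOfBand(p.replyTo()) || outOfBand(p.faultTo())) {
            return p.messageId() != null;
        }
        return true;
    }

    public static void main(String[] args) {
        URI callback = URI.create("http://client.example/reply"); // constructed sample address
        Props[] cases = {
            Props.parsed(ANONYMOUS, null, null), // message 1: anonymous ReplyTo, no MessageID
            Props.parsed(null, null, null),      // message 2: no ReplyTo, no MessageID
            Props.parsed(NONE, null, null),      // message 3: none ReplyTo, no MessageID
            Props.parsed(callback, null, null),  // out-of-band ReplyTo, no MessageID
        };
        for (Props p : cases) {
            System.out.printf("replyTo=%s reported=%b proposed=%b%n",
                    p.replyTo(), reportedCheck(p), proposedCheck(p));
        }
    }
}
```

The first three cases correspond to the three sample messages: the reported check rejects all of them, while the proposed check accepts them and still rejects the out-of-band request that lacks a MessageID.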
