Require WS-Addressing Assertion

The Require WS-Addressing assertion lets you specify which versions of WS-Addressing should be present in the message and whether the addressing headers must be signed. The Gateway uses the WS-Addressing version to select the namespace.
gateway90
The
Require WS-Addressing
assertion lets you specify which versions of WS-Addressing should be present in the message and whether the addressing headers must be signed. The Gateway uses the WS-Addressing version to select the namespace.
This assertion can use namespaces from the following versions:
WS-Addressing 1.0
WS-Addressing 08/2004
In addition, you can enter any other configurable namespace URI in the assertion properties.
To learn about selecting the target message for this assertion, see Selecting a Target Message.
To learn more about selecting the target identity for this assertion, see Selecting a Target Identity.
Sample WS-Addressing Message
The following is a sample message with WS-Addressing headers:
?<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" ????????????xmlns:wsa="http://www.w3.org/2005/08/addressing"> ???<S:Header> ???????<wsa:MessageID>http://example.com/6B29FC40-CA47-1067-B31D-00DD010662DA</wsa:MessageID> ???????<wsa:ReplyTo> ?????????<wsa:Address>http://example.com/business/client1</wsa:Address> ???????</wsa:ReplyTo> ???????<wsa:To>http://example.com/fabrikam/Purchasing</wsa:To> ???????<wsa:Action>http://example.com/fabrikam/SubmitPO</wsa:Action> ???</S:Header> ???<S:Body> ??????... ???</S:Body> ?</S:Envelope>
Context Variables Created by This Assertion
The Require WS-Addressing assertion sets the following context variables based on the WS-Addressing headers. The
<prefix>
is set in the assertion properties and is optional. There is no default.
Context variables created by Require WS-Addressing assertion
Variable
Description
$(
<prefix>
.to}
Contains the value from the "to" addressing header.
Value from sample message:
http://example.com/fabrikam/Purchasing
.
$(
<prefix>
.action}
Contains the value from the "action" addressing header.
Value from sample message:
http://example.com/fabrikam/SubmitPO
.
${<prefix>.elements}
Contains all the addressing headers, as a multivalued context variable. From the sample message, these are all the lines with "<wsa>", except for "<wsa:Address>".
$(
<prefix>
.messageid}
Contains the value from the "messageid" addressing header.
Value from sample message:
http://example.com/6B29FC40-CA47-1067-B31D-00DD010662DA
.
$(
<prefix>
.from}
Contains the value from the "from" addressing header. Relates to endpoints and will contain the address of the endpoint reference.
This header is not present in the sample message.
$(
<prefix>
.replyto}
Contains the value from the "replyto" addressing header. Relates to endpoints and will contain the address of the endpoint reference.
Value from sample message:
http://example.com/business/client1
.
$(
<prefix>
.faultto}
Contains the value from the "faulto" addressing header. Relates to endpoints and will contain the address of the endpoint reference.
This header is not present in the sample message.
$(
<prefix>
.namespace
Contains the value from the "namespace" addressing header. Will be set to the namespace of the processed WS-Addressing header(s).
Value from sample message:
http://www.w3.org/2005/08/addressing
.
Not every addressing property will be present in all messages. If a property is not present, the context variable will contain an empty string. If a message contains repeated addressing headers, the first acceptable set of headers is used (note that this may be the first referenced by a signature, not necessarily the first in document order).
Using the Assertion
  1. Do one of the following:
    • To add the assertion to the Policy Development window, see Adding an Assertion.
    • To change the configuration of an existing assertion, proceed to step 2 below.
  2. When adding the assertion, the
    WS-Addressing Properties
    automatically appear; when modifying the assertion, right-click
    <target>:
    Require WS-Addressing
    in the policy window and select
    WS-Addressing Properties
    or double-click the assertion in the policy window. The assertion properties are displayed.  
  3. Configure the properties as follows:
    Setting
    Description
    Target Message
    Select the message to check for WS-Addressing:
    • Request:
      The request message will be checked.
    • Response:
      The response message will be checked.
    • Other Context Variable:
      A context variable will be checked. This context variable must be of type Message and must be predefined or has been set in the policy prior to the Require WS-Addressing assertion. For more information on Message variables, see Context Variables.
    The message target can also be set outside of the assertion properties. For more information, see Selecting a Target Message.
    Permitted Versions
    Specify which versions of WS-Addressing are permitted in the message. The Gateway will use the namespace associated with the selected version.
    If any another WS-Addressing namespace URI should be permitted, select
    Other
    and enter the additional permitted URI in the adjacent text field.
    The assertion will fail if a supported version of WS-Addressing is not found in the message.
    Variable Prefix
    Optionally, enter a prefix that will be added to the context variables created by this assertion. This prefix will ensure uniqueness and will prevent the variables from overwriting each other when multiple instances of this assertion appear in a policy.
    For an explanation of the validation messages displayed, see Context Variable Validation.
    Require Signature
    Select this check box if the addressing headers must be signed. The assertion will fail if a signature is not present or is invalid.
  4. Click [
    OK
    ] when done.