Description
Hi,
In our environment we have a SOAP request similar to the following:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:v1="http://some.name.space/v1.1"> <soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">*Security Header*</wsse:Security> <soap:Body> <v1:Method></v1:Method> </soap:Body> </soap:Header> </soap:Envelope>
As you can see the soap:Body is part of the soap:Header which, according to the SOAP XML Schema, is not a valid construct.
Schema-validation is turned on but no error occurrs. The body part is even treated as a valid body.