Java and SOAP by Robert Englander

The SOAP envelope may contain a Header element that encompasses data outside the boundaries of an RPC (or other) style invocation. The header is an extension mechanism that can carry any kind of information that lies outside the semantics of the message in the body, but is nevertheless useful or even necessary for processing the message properly. Routing information might contain transaction identifiers, authentication keys, or other information related to the message’s processing or routing.

Putting routing information in the SOAP header is useful when a message is sent to an intermediary, which in turn sends the message on to its final destination. In Chapter 9 we developed some proxy services that used another service to perform their tasks. In those cases, the client application was not aware that the service it was calling was actually a proxy. However, it’s possible for proxy services to forward messages to specified endpoints or make use of other endpoints in the performance of their tasks. We’ll develop an example of this kind of proxy, or intermediary, service.

Although SOAP does not currently specify any security mechanism, the Header element is a good place to encode authentication data such as usernames and passwords. Using the Header to store authentication data allows you to develop your service methods using only the parameters necessary and relevant to the method’s task, and still gives you a mechanism to pass other related data to the ...