I'm attempting to use one of the Administrative Services WSDLs, FieldManagement, to query fields. You would think this would be pretty simple, but its not and documentation is non existant. Via C# I'm building a fairly basic query structure, similar to the structure I have used for 10-15 other web service apps without issue up until now. Unfortunately this one produces an error
SBL-ODU-01007 - The HTTP request did not contain a valid SOAPAction header.
There doesnt seem to be any access issues, as I can run the Oracle provided Migration tool against this environment without error, but the level of control you have with the Migration tool is crappy so I'm building my own. I've dumped the SOAP request and response out via a SoapExtension and included it below.
Anyone have any ideas?
-----SoapRequest at 21/09/2010 15:41:08
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><FieldManagementRead_Input xmlns="urn:crmondemand/ws/odesabs/fieldmanagement/"><FieldSet xmlns="urn:/crmondemand/xml/fieldmanagement/query"><ObjectName>Contact</ObjectName><ListOfFields><Field /></ListOfFields></FieldSet></FieldManagementRead_Input></soap:Body></soap:Envelope>
-----SoapResponse at 21/09/2010 15:41:09
<?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>Client</faultstring><detail><ErrorCode>SBL-ODU-01007</ErrorCode><ErrorMessage>The HTTP request did not contain a valid SOAPAction header. The value of the header was "document/urn:crmondemand/ws/odesabs/FieldManagement/:FieldManagementRead"</ErrorMessage></detail></soap:Fault></soap:Body></soap:Envelope>
You might want to check the URL you are using. I was able to reproduce the error message you mention by incorrectly using http://secure-auxomxXXX.crmondemand.com/Services/Integration for the Field Management Service.
The correct URL for the field management service is https://secure-ausomxXXX.crmondemand.com/Services/cte/FieldManagementService
POST /Services/cte/FieldManagementService HTTP/1.1
Content-Type: text/xml; charset=utf-8
Good call... I was just pulling the url, sessionid and all from the OnDemandWebService.Session. Ive changed this to manually extract the server details and sessionid and create the URL manually using /Services/cte/FieldManagementService. Unfortunately, while my original header error message has gone away I now get...
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode xmlns="">wsse:InvalidSecurity</faultcode><faultstring xmlns="">Missing <wsse:Security> in SOAP Header</faultstring><faultactor xmlns=""></faultactor></env:Fault></env:Body></env:Envelope>
In all my previous apps, Ive just logged in to CRM OD using the functionality provided in the OnDemandWebService.Session class, then passed the Session URL directly into my query builder and queries ran without a hitch. Never needed to worry about manually controlling security in my generated soap requests.
I normally pass authentication information with the SOAP request. You can see this in the sample request. I just tried passing a valid jsessionid without including wsse:security and received the same error that you mention.
You might want to try using wsse:security instead of the HTTP GET approach.
Thanks hody. The problem I'm having is that since I am not actually creating the SOAP request myself (C# based app build in visual studio), I have limited fine control over the construction of the request. I'm trying to find a way to incorporate wsse:security into my app, but everything I'm reading seems to suggest not only is this horribly complicated, but for the most part the methods that are available to do this don't actually work properly anyway.
Non Administrative Services based requests, built via C#, dont require this level of rework. You just authenticate via the Oracle provided Session class, then pass the sessionid around as you need it to your various query building areas. However, the session class uses
return httpBase + server + "/Services/Integration?command=login";
and I am trying to use
in my queries.
I'm wondering is that why my authenticated session, which works for other apps, is not working here.
I've had the same problem with VB.net and never could find it. How to insert a soap header into a request. Easy enough to do with Axis. I finally gave up and built the request with strings and used a HTTP object. Of course I had to parse up the return XML manually. Fortunatly it was a simple response.
oWebGlobalTimeQueryNoSession.UploadData(serverName, "POST", bytArgumentsNoSession)
Catch ex As WebException
Dim reader As StreamReader = New StreamReader(ex.Response.GetResponseStream)
errorStr = reader.ReadToEnd
b = errorStr.IndexOf("<ErrorMessage>")
e = errorStr.IndexOf("</ErrorMessage>")
errorStr = errorStr.Substring(b + 14, e - b - 14)
reader = Nothing
Catch ex1 As Exception