SOAP Message Structure

Owned by Alex Sharples
Last updated: 11, Jan 2021 by Paul Collado Orta
1 min read

Overview

All messages exchanged with SMX are SOAP messages. They include a SOAP Security header for authentication purposes and contain the SOAP Body contains the OTA message. The following example is a complete SOAP message with the SOAP Security header.

SOAP Envelope

<soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"> <soap-env:Header xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"> <wsse:Security xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1"> <wsse:UsernameToken> <wsse:Username>username</wsse:Username> <wsse:Password type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#passwordtext">secret</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soap-env:Header> <soap-env:Body xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"> <OTA_HotelResNotifRQ xmlns="http://www.opentravel.org/OTA/2003/05" Version="1.0" EchoToken="879791878" TimeStamp="2014-10-09T18:51:45"> ... </OTA_HotelResNotifRQ> </soap-env:Body> </soap-env:Envelope>

SOAP Security Header

The Security Header structure conveys authentication information. It is mandatory and both the /wsse:UsernameToken/wsse:Username and /wsse:UsernameToken/wsse:Password elements are mandatory. The only acceptable value for the Password/@Type attribute is "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText", indicating a plain text password. Plain text password are acceptable as all communication is done over encrypted HTTP.

Each connecting PmsXchange partner will be allocated a USERNAME and PASSWORD for use with this header.

SOAP Faults

Generally OTA messages transmit "business logic" failures in the <Errors> element structure. However a SOAP fault can be returned in case of an unexpected error caused by for example a SOAP message where the xml cannot be parsed. The SOAP Fault will identify the party at fault (CLIENT/SERVER).

SOAP Fault - Invalid XML

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header/> <SOAP-ENV:Body> <SOAP-ENV:Fault> <faultcode>SOAP-ENV:Client</faultcode> <faultstring xml:lang="en" xmlns:xml="http://www.w3.org/XML/1998/namespace">Authentication failed - invalid username</faultstring> </SOAP-ENV:Fault> </SOAP-ENV:Body> </SOAP-ENV:Envelope>