1.Requests with an invalid request MessageHeader are blocked; a standard SOAP Fault is returned
2.When request does not contain a MessageHeader: generate Message Header
ConsumerRef.userID = "unknown"
ConsumerRef.customerID = equal to the client (application) id from the OAuth token
ConsumerRef.customerLocation = "unknown"
- When request contains a valid MessageHeader & authentication and authorization steps are successful: populate the follwing attributes
SecurityRef.AuthenticationType = "UnT"
SecurityRef.AuthenticationTime = current time (timestamp)
- When Consumer request does not contain a Addressing header: generate a Addressing header
Addressing.Action = value of HTTP SOAPAction header
Addressing.To = URL of addressed endpoint
Addressing.MessageID = UUID
Addressing.RelatesTo.InitiatedBy = equal to Addressing.MessageID