The application I am integrating the webservice into generates a wsse security header containing a ‘Nonce’ attribute. As far as I’m aware, this is a standard element of wsse security.
It appears that the API refuses requests that contain Nonce in the UsernameToken. In order to work around this, I would have to create and implement a custom WSE policy assertion. This is not an issue in SOAP UI as one can fully customize the SOAP envelope, however I imagine this is quite restrictive for users attempting API integration in their applications.
Is there something you can do your side to prevent the webservice from rejecting requests with a superfluous nonce element?