SOAP Message size it greater than allowed limit [SECURITY.MSGSIZE v 1.0]? How?

Question

I'm trying to help a colleague run SOATest (a web services client that makes testing SOAP services easy) on a WCF web service operation, and for "big" responses, we are seeing this error:

SOAP Message size it greater than allowed limit [SECURITY.MSGSIZE v 1.0]

This is perplexing, as the tool is actually able to get a response from the server that contains no SOAP faults. Furthermore, the response isn't very big at all - 22kb to be exact. I can't seem to Google this error message, and the the grammar/spelling mistake in it isn't working for my benefit either.

Is this a SOATest setting? Maybe a WCF setting? Or a WS-Security setting? It certainly isn't a restriction we are imposing at the server level.

Here's a screenshot for posterity.

Answer 1

We were able to get an answer to this error on the SOATest forums.

SECURITY.MSGSIZE is one of the default SOAP Policy rule checks available to be added to a response. Here's a screenshot of the particular rule as it was being applied. This particular rule is located at:

C:\Program Files\Parasoft\SOAtest\5.5.3\rules\SOAP\SECURITY.MSGSIZE.rule

If you open the default policy configuration package located at:

C:\Program Files\Parasoft\SOAtest\5.5.3\rules\soa.policy

you can then disable or modify the value of the SECURITY.MSGSIZE rule by if you right click on SOAP->Avoid large SOAP messages [SECURITY.MSGSIZE]->Edit->Method:

def checkSize(value, context):
    message = XMLUtil.serialize(value)
    size = len(message)
    if size > 10240:
        return 1
    else:
        return 0

The size > 10240 conditional is where this rule can be changed as needed. Or you could simply uncheck it as part of the default policy package and save the change that way instead.