English 中文(简体)
SOAP authentication with PHP
原标题:

I need to connect to a web service that requires authentication credentials in the form of a plain text user name and password.

I have a basic understanding of SOAP and have managed to connect to other open web services that do not require a username or password using NuSOAP.

The following was sent to me:

<?php

// Set up security options
$security_options = array("useUsernameToken" => TRUE);
$policy = new WSPolicy(array("security" => $security_options));

$security_token = new WSSecurityToken(array(
    "user" => "xxx",
    "password" => "xxx",
    "passwordType" => "basic"));

// Create client with options
$client = new WSClient(array("wsdl" => "https://xxx.asmx?wsdl",
    "action" => "http://xxx",
    "to" => "https://xxx",
    "useWSA" =>  submission ,
    "CACert" => "cert.pem",
    "useSOAP" => 1.1,
    "policy" => $policy,
    "securityToken" => $security_token));

// Send request and capture response
$proxy = $client->getProxy();

$input_array = array("From" => "2010-01-01 00:00:00",
    "To" => "2010-01-31 00:00:00");

$resMessage = $proxy->xxx($input_array);
?>

After some research I understand that the above implementation uses wso2. I need to be able to do this without using wso2.

I have tried my best to look for resources (Google, forums, etc) about the above but haven t been able to find anything. I have read some tutorials on SOAP and have been able to set up a SOAP client using PHP but cannot get my head around all the authentication and "policies".

An explanation of how to achieve this and maybe some links to further reading about this would be very much appreciated as I am tearing my hair out! Ideally I would like some links to resources for an absolute beginner to the SOAP authentication.

Thanks. P.S some of the links/credentials in the above could have been xxx d for privacy.

问题回答

If you have the SOAP extension enabled in php (php version >= 5.0.1), you can use the SoapClient class to process your request. To authenticate, you can pass the username and password to the class with the target URL:

$soapURL = "https://www.example.com/soapapi.asmx?wsdl" ;
$soapParameters = Array( login  => "myusername",  password  => "mypassword") ;
$soapFunction = "someFunction" ;
$soapFunctionParameters = Array( param1  => 42,  param2  => "Search") ;

$soapClient = new SoapClient($soapURL, $soapParameters);

$soapResult = $soapClient->__soapCall($soapFunction, $soapFunctionParameters) ;

if(is_array($soapResult) && isset($soapResult[ someFunctionResult ])) {
    // Process result.
} else {
    // Unexpected result
    if(function_exists("debug_message")) {
        debug_message("Unexpected soapResult for {$soapFunction}: ".print_r($soapResult, TRUE)) ;
    }
}

If you re not sure about the functions you can call, you can view the target URL (e.g. ending in ".asmx?wsdl") in your browser. You should get an XML response that tells you the available SOAP functions you can call, and the expected parameters of those functions.

Check out the soap_wsse library





相关问题
ajax login using httpRequest?

I am trying to develop my login script to give feedback to the user if the login is valid or not. Basically if it isn t correct a div box will show saying its wrong, if its correct it will show its ...

Remotely authenticating client Windows user on demand

Suppose I am writing a server for a particular network protocol. If I know that the client is running on a Windows machine, is it possible for my server to authenticate the Windows user that owns the ...

Role/Permission based forms authorizing/authentication?

While looking into forms authorizing/authentication, I found that it is possible to do role based authorizing by adding an array of roles to a FormsAuthenticationTicket. That way I can write User....

热门标签