Soap API +设置安全头作为响应

时间:2014-01-13 09:54:07

标签: php web-services soap ws-security soapserver

我是SOAP API的新手。

我已经实现了部分,我需要在请求中传递WS-Security头,并根据我们传递头的参数在Soap Server中实现安全性。

现在我的要求是在我们通过的响应中发送相同的Soap Header。

是否可以实施?

如果是,那么请指导我正确的方向。

1 个答案:

答案 0 :(得分:2)

我已经想出了如何在响应中发送安全标头。

让我们举个例子。我从我的soap客户端调用 NotifyTransportRequest 。 通过调用客户端,我使用提到的代码传递到标题下面。

//Setting Security Header - Start 
$authHeader = new stdClass();
$authHeader->UsernameToken->Username = "user";
$authHeader->UsernameToken->Password = "password";
$authHeader->Timestamp->Created = "2013-12-31T07:15:41.135Z";
$authHeader->Timestamp->Expires = "2013-12-31T07:16:41.135Z";
$Headers[] = new SoapHeader('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-     wssecurity-secext-1.0.xsd', 'Security', $authHeader,TRUE);
// Setting Security Header - End

// Setting Security Header for Authentication - Start.
$Client->__setSoapHeaders($Headers);
// Setting Security Header for Authentication - End.

通过此代码,它在Soap请求中的安全标头下面传递。

<s:Header>
    <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
     <u:Timestamp u:Id="_0">
       <u:Created>2014-01-16T12:39:31.050Z</u:Created>
       <u:Expires>2014-01-16T12:40:31.050Z</u:Expires>
     </u:Timestamp>
     <o:UsernameToken u:Id="uuid-6065f07d-c852-45c7-8df4-ef9b566b9536-1">
        <o:Username>user</o:Username>
        <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</o:Password>
      </o:UsernameToken>
    </o:Security>
 </s:Header>

现在当我从Soap Header返回时,我需要在返回代码之前传递下面的代码。

    $headerStart = strtotime(date('Y-m-d H:i:s')) - (1*60);
    $headerEnd   = strtotime(date('Y-m-d H:i:s')) + (1*60);

    $authHeader = new stdClass();
    $authHeader->UsernameToken->Username = "user";
    $authHeader->UsernameToken->Password = "password";
    $authHeader->Timestamp->Created = gmdate('Y-m-d\TH:i:s.u\Z', $headerStart);
    $authHeader->Timestamp->Expires = gmdate('Y-m-d\TH:i:s.u\Z', $headerEnd);
    $Header = new SoapHeader('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'Security', $authHeader, false);

    $GLOBALS['server']->addSoapHeader($Header);

它会在响应中添加Soap Header。

 <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:ns2="https://67.231.18.69/~verttest/dispatch/soap/medivan.wsdl">
      <SOAP-ENV:Header>
         <ns1:Security>
             <UsernameToken>
                <Username>user</Username>
                <Password>password</Password>
             </UsernameToken>
             <Timestamp>
                <Created>2014-01-16T12:40:28.000000Z</Created>
                <Expires>2014-01-16T12:42:28.000000Z</Expires>
             </Timestamp>
       </ns1:Security>
    </SOAP-ENV:Header>
    <SOAP-ENV:Body>
             .
             .
             .
    </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
相关问题
最新问题