我从SOAP / PHP开始,必须发送安全性。它让我疯了,我已经尝试了十几种方法,但没有任何作用。这是服务所关注的标题 - 我该如何发送?
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:v1="http://v1.cc.b2c.ws.rcs.buergel.de/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-6">
<wsse:Username>99999999</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
99999999
</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
920ffm0dBhbpa4/Q7ZYGsQ==
</wsse:Nonce>
<wsu:Created>2013-07-18T11:01:27.312Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
</soapenv:Envelope>
我最后使用这种方法:Connecting to WS-Security protected Web Service with PHP 并得到以下错误:
public' faultstring'=&gt; string'处理标题时发现错误'(长度= 61) public'triefcode'=&gt;字符串'ns1:InvalidSecurity'(长度= 19)
我非常感谢每一位帮助 - 提前谢谢。
这是我目前的PHP代码。
/**
* This function implements a WS-Security digest authentification for PHP.
*
* @access private
* @param string $user
* @param string $password
* @return string
*/
function generateWSSecurity($user, $password)
{
// Creating date using yyyy-mm-ddThh:mm:ssZ format
$tm_created = gmdate('Y-m-d\TH:i:s\Z');
$tm_expires = gmdate('Y-m-d\TH:i:s\Z', gmdate('U') + 180);
// Generating, packing and encoding a random number
$simple_nonce = mt_rand();
$encoded_nonce = base64_encode(pack('H*', $simple_nonce));
// Compiling WSS string
$passdigest = base64_encode(pack('H*',sha1(pack('H*', $simple_nonce) . pack('a*', $tm_created) . pack('a*', $password))));
// Initializing namespaces
$ns_envelope = 'http://schemas.xmlsoap.org/soap/envelope/';
$ns_wsse = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
$ns_wsu = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
$password_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText';
$encoding_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary';
// Creating WSS identification header using SimpleXML
$root = new \SimpleXMLElement('<root/>');
$envelope = $root->addChild('soapenv:Envelope', null, $ns_envelope);
$soapheader = $envelope->addChild('soapenv:Header');
$security = $soapheader->addChild('wsse:Security', null, $ns_wsse);
$security->addAttribute('soapenv:mustUnderstand','1');
$usernameToken = $security->addChild('wsse:UsernameToken', null, $ns_wsse);
$usernameToken->addChild('wsse:Username', $user, $ns_wsse);
$password = $usernameToken->addChild('wsse:Password', $passdigest, $ns_wsse);
$password->addAttribute('Type', $password_type);
$nonce = $usernameToken->addChild('wsse:Nonce', $encoded_nonce, $ns_wsse);
$nonce->addAttribute('EncodingType', $encoding_type);
$usernameToken->addChild('wsu:Created', $tm_created, $ns_wsu);
// Recovering XML value from that object
$root->registerXPathNamespace('soapenv', $ns_envelope);
$full = $root->xpath('/root/soapenv:Envelope');
$auth = $full[0]->asXML();
return $auth;
}
function soapClientWSSecurityHeader($user, $password)
{
return new \SoapHeader('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
'Security', new \SoapVar(generateWSSecurity($user, $password), XSD_ANYXML), true
);
}
$client = new \SoapClient('https://webservice?wsdl');
$client->__setSoapHeaders(soapClientWSSecurityHeader('user', 'pass'));
它到目前为止有效,但现在如果我调用任何操作,我就会得到这个:
public' faultstring'=&gt;字符串'坏凭据'(长度= 15) public'triefcode'=&gt;字符串'soap:Server'(长度= 11)
有什么想法吗?