Question

我正在寻找如何使用PHP签署soap标头。

soap服务由apache rampart构建，与https://axis.apache.org/axis2/java/rampart/samples.html中的示例2完全相同。

现在，我使用PHP开发了一个soap客户端。我不知道如何签署整个标题和正文。

我可以按照以下方式提出肥皂请求

<?xml version="1.0" encoding="UTF-8" ?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://ws.globesteel.com" xmlns:ns2="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns3="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <SOAP-ENV:Header>
    <ns3:Security SOAP-ENV:mustUnderstand="1">
      <ns2:Timestamp>
        <ns2:Created>2016-07-13T08:16:02Z</ns2:Created>
        <ns2:Expires>2016-07-20T06:56:02Z</ns2:Expires>
      </ns2:Timestamp>
      <ns3:Signature>
        <ns3:SignedInfo>
          <Signature>
            <SignedInfo>
              <CanonicalizationMethod>
                <Algorithm>http://www.w3.org/2001/10/xml-exc-c14n#</Algorithm>
              </CanonicalizationMethod>
              <SignatureMethod>
                <Algorithm>http://www.w3.org/2000/09/xmldsig#rsa-sha1</Algorithm>
              </SignatureMethod>
              <Reference>
                <SOAP-ENC:Struct>
                  <Transforms>
                    <SOAP-ENC:Struct>
                      <Algorithm>http://www.w3.org/2001/10/xml-exc-c14n#</Algorithm>
                    </SOAP-ENC:Struct>
                  </Transforms>
                  <DigestMethod>
                    <Algorithm>http://www.w3.org/2000/09/xmldsig#sha1</Algorithm>
                  </DigestMethod>
                  <DigestValue>8f6c3a934fc237673e9f1a12793f5507b8103e4a</DigestValue>
                  <URI>#_body</URI>
                  <Id/>
                </SOAP-ENC:Struct>
                <SOAP-ENC:Struct>
                  <Transforms>
                    <SOAP-ENC:Struct>
                      <Algorithm>http://www.w3.org/2001/10/xml-exc-c14n#</Algorithm>
                    </SOAP-ENC:Struct>
                  </Transforms>
                  <DigestMethod>
                    <Algorithm>http://www.w3.org/2000/09/xmldsig#sha1</Algorithm>
                  </DigestMethod>
                  <DigestValue></DigestValue>
                  <URI>#_control</URI>
                  <Id/>
                </SOAP-ENC:Struct>
              </Reference>
            </SignedInfo>
            <SignatureValue>Yu/DkCbKXAoalySGM2XdieRYhk1rnwhFKNcklXn5l+YgNk3AXEnpr4yDAlReYgU3FGOZh0XGUn8hGWwEs28S+xjrROgb3G/SYKVKbS3EmAU/vLBa+lABn/0NDoGdR/iIv9C7XAr/OBhE++cHA+lktZSS1SUPtfG5BAifN/RtfkE=</SignatureValue>
            <KeyInfo>aqePjuZzE1lzwMMtquksvNJsbmI=</KeyInfo>
          </Signature>
        </ns3:SignedInfo>
      </ns3:Signature>
    </ns3:Security>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <ns1:GetAvailableSecurityQuestions/>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

但我仍然收到错误返回＆＃34;消息未签名＆＃34;。

Answer 1

经过2周的痛苦，我终于使用https://github.com/robrichards/xmlseclibs

解决了这个问题

如何在不使用wsf / php的情况下签署外发soap请求？

1 个答案: