我试图在
PHP5中使用Soap调用Web服务,为此,我需要使用WS-Security 1.1.
是否有任何框架可用于在PHP中轻松生成安全标头?或者我必须自己添加整个标头?
WS-Security 1.1:http://oasis-open.org/committees/download.php/16790/wss-1.1-spec-os-SOAPMessageSecurity.pdf的规格
PHP Classes,Roger Veciana i Rovira提交了这个(我刚刚重新格式化了代码):
原文链接:https://www.f2er.com/php/137943.htmlclass WSSoapClient extends SoapClient {
private $username;
private $password;
/*Generates de WSSecurity header*/
private function wssecurity_header() {
/* The timestamp. The computer must be on time or the server you are
* connecting may reject the password digest for security.
*/
$timestamp = gmdate('Y-m-d\TH:i:s\Z');
/* A random word. The use of rand() may repeat the word if the server is
* very loaded.
*/
$nonce = mt_rand();
/* This is the right way to create the password digest. Using the
* password directly may work also,but it's not secure to transmit it
* without encryption. And anyway,at least with axis+wss4j,the nonce
* and timestamp are mandatory anyway.
*/
$passdigest = base64_encode(
pack('H*',sha1(
pack('H*',$nonce) . pack('a*',$timestamp).
pack('a*',$this->password))));
$auth = '
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.'.
'org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>'.$this->username.'</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-'.
'wss-username-token-profile-1.0#PasswordDigest">'.$passdigest.'</wsse:Password>
<wsse:Nonce>'.base64_encode(pack('H*',$nonce)).'</wsse:Nonce>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-'.
'200401-wss-wssecurity-utility-1.0.xsd">'.$timestamp.'</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
';
/* XSD_ANYXML (or 147) is the code to add xml directly into a SoapVar.
* Using other codes such as SOAP_ENC,it's really difficult to set the
* correct namespace for the variables,so the axis server rejects the
* xml.
*/
$authvalues = new SoapVar($auth,XSD_ANYXML);
$header = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-".
"200401-wss-wssecurity-secext-1.0.xsd","Security",$authvalues,true);
return $header;
}
/* It's necessary to call it if you want to set a different user and
* password
*/
public function __setUsernameToken($username,$password) {
$this->username = $username;
$this->password = $password;
}
/* Overwrites the original method adding the security header. As you can
* see,if you want to add more headers,the method needs to be modifyed
*/
public function __soapCall($function_name,$arguments,$options=null,$input_headers=null,$output_headers=null) {
$result = parent::__soapCall($function_name,$options,$this->wssecurity_header());
return $result;
}
}
