[英]How can I implement WS-Security 1.0 in PHP5 using certificates?
I have found very interesting the answer to how to implement ws-security 1.1 in php5 but I need to use certificates to authenticate the connection to the WebService. 我发现如何在php5中实现ws-security 1.1的答案非常有趣,但是我需要使用证书来验证与WebService的连接。
Does anyone know a way to do such a thing on PHP5? 有谁知道在PHP5上做这种事情的方法吗?
Many thanks in advance! 提前谢谢了!
Here is my script. 这是我的剧本。 With this script it returns me: 使用此脚本,它返回我:
An error occurred when verifying security for the message. 验证消息的安全性时发生错误。 And i Want to find a way to debug this message. 我想找到一种调试此消息的方法。 The .pem file is generated from the key file signed certificate and the ca-file. .pem文件是从密钥文件签名的证书和ca文件生成的。 .crt is ca-certificate. .crt是ca证书。 I have no information what server expect exactly....... Later I`ll check server holders for more info and could they provide me with some debug information 我没有任何信息,服务器究竟期望什么..稍后,我将检查服务器所有者以获取更多信息,他们能否为我提供一些调试信息
require('wse/soap-wsa.php');
require('wse/soap-wsse.php');
define('PRIVATE_KEY', dirname(__FILE__).'/cert/B_13925_Cert.pem');
define('CERT_FILE', dirname(__FILE__).'/cert/Generali-Root.crt');
class mySoap extends SoapClient {
function __doRequest($request, $location, $saction, $version) {
$dom = new DOMDocument();
$dom->loadXML($request);
$objWSA = new WSASoap($dom);
$objWSA->addAction($saction);
$objWSA->addTo($location);
$objWSA->addMessageID();
$objWSA->addReplyTo();
$dom = $objWSA->getDoc();
$objWSSE = new WSSESoap($dom);
/* Sign all headers to include signing the WS-Addressing headers */
$objWSSE->signAllHeaders = TRUE;
$objWSSE->addTimestamp(3600);
/* create new XMLSec Key using RSA SHA-1 and type is private key */
$objKey = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array('type'=>'private'));
/* load the private key from file - last arg is bool if key in file (TRUE) or is string (FALSE) */
$objKey->loadKey(PRIVATE_KEY, TRUE);
/* Sign the message - also signs appropraite WS-Security items */
$objWSSE->signSoapDoc($objKey);
/* Add certificate (BinarySecurityToken) to the message and attach pointer to Signature */
$token = $objWSSE->addBinaryToken(file_get_contents(CERT_FILE));
$objWSSE->attachTokentoSig($token);
$request = $objWSSE->saveXML();
$f = fopen('debug.txt','w');
fwrite($f,print_r($request,true));
fclose($f);
return parent::__doRequest($request, $location, $saction, $version);
}
}
$soap_url = 'https://test.domain.bg:9443/GPM/GPMPolicyService.svc/gpm?wsdl';
$soap_client = new mySoap($soap_url);
$getNomenclaturesRequest = new getNomenclaturesRequest(array(1,2,3,4));
$request = new GetNomenclatures($getNomenclaturesRequest);
try {
$out = $soap_client->GetNomenclatures($request);
var_dump($out);die();
} catch (SoapFault $fault) {
// var_dump($fault);
}
header('Content-type:text/xml');
print_r(file_get_contents('debug.txt'));
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.