堆栈内存溢出
  简体   繁体   English

如何使用php与CXF服务建立安全连接?

[英]How do I make a secure connection to a CXF service using php?

 原文  2011-12-25 07:29:08       php/ web-services/ soap/ soap-client/ zend-framework

问题描述

I am attempting to get a SOAP client going, the only examples I get from the service provider is in Java, but I need to do this with PHP. 我正在尝试使SOAP客户端运行,从服务提供商处获得的唯一示例是Java,但是我需要使用PHP来完成此操作。 I'm not so new to Zend, but am new to using SOAP. 我对Zend并不陌生,但是对使用SOAP并不陌生。

I think the host service is using Apache CXF. 我认为主机服务正在使用Apache CXF。

I am using it like this (below) and keep getting and exception 'Username not provided' 我正在这样使用它(如下),并不断获取和异常“未提供用户名” 

$wsdlprice = '/home/rob/var/www/catalog-pim/public/wsdl-docs/PriceAvailabilityService_V02.wsdl';
$client = new Zend_Soap_Client($wsdlprice, array('encoding' => 'UTF-8', 'compression' => SOAP_COMPRESSION_ACCEPT));
$client->setOptions(array('login' => 'my-username', 'password' => 'my-password'));

    print_r($client);

try {
    $client->getPriceAvailability(array('hideZeroInv' => '0'));
} 
catch (SoapFault $exception) {
    echo '<br /><br /><br />EXCEPTION=' . $exception;
}

The errors that I am getting: 我得到的错误: 

EXCEPTION=SoapFault exception: [soap:000101] Username is not provided in /home/rob/var/www/catalog-pim/library/Zend/Soap/Client.php:1121 Stack trace: #0 /home/rob/var/www/catalog-pim/library/Zend/Soap/Client.php(1121): SoapClient->__soapCall('getPriceAvailab...', Array, NULL, NULL, Array)

I took a look at Zend's 'Client.php' on line 1121 and it's the soap '__call' method. 我在1121行看了Zend的'Client.php',它是肥皂的'__call'方法。 So, could be anything that PHP's soap cient does not like....like not having the 'Username' 因此,可能是PHP肥皂科学不喜欢的任何事情。...就像没有“用户名”一样

I keep trying to add 'username', or 'Username' to the $client, I've tried adding it to 'getPriceAvailability()' method. 我一直试图将'username'或'Username'添加到$ client中,我尝试将其添加到'getPriceAvailability()'方法中。 I think I need to put it in the request header, but I cant figure that out either. 我想我需要将其放在请求标头中,但我也无法弄清楚。 I tried messing with $client->addSoapInputHeader(new SoapHeader::$header); 我试图弄乱$client->addSoapInputHeader(new SoapHeader::$header); but I don't know what to put into $header and I cannot seem to find much on the web. 但是我不知道在$ header中放入什么,而且我似乎在网上找不到很多东西。

WSDL doc: WSDL文档: 

<?xml version='1.0' encoding='UTF-8'?><wsdl:definitions name="PriceAvailabilityServiceV02" targetNamespace="http://pnaV02.model.ws.synnex.com/" xmlns:ns1="http://schemas.xmlsoap.org/soap/http" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://pnaV02.model.ws.synnex.com/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UTOverTransport">
        <wsp:ExactlyOne>
            <wsp:All>
                <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:TransportToken>
                            <wsp:Policy>
                                  <sp:HttpsToken RequireClientCertificate="false"/> 
                            </wsp:Policy>
                        </sp:TransportToken>
                        <sp:AlgorithmSuite>
                            <wsp:Policy>
                                <sp:Basic256/>
                            </wsp:Policy>
                        </sp:AlgorithmSuite>
                        <sp:Layout>
                            <wsp:Policy>
                                <sp:Lax/>
                            </wsp:Policy>
                        </sp:Layout>
                        <sp:IncludeTimestamp/>
                    </wsp:Policy>
                </sp:TransportBinding>
                <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <wsp:Policy>
                        <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
                    </wsp:Policy>
                </sp:SignedSupportingTokens>
            </wsp:All>
        </wsp:ExactlyOne>
    </wsp:Policy>    
  <wsdl:types>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="unqualified" targetNamespace="http://pnaV02.model.ws.synnex.com/" xmlns:tns="http://pnaV02.model.ws.synnex.com/" xmlns:xs="http://www.w3.org/2001/XMLSchema">
    <xs:element name="getPriceAvailability" type="tns:getPriceAvailability" />
    <xs:element name="getPriceAvailabilityResponse" type="tns:getPriceAvailabilityResponse" />
    <xs:complexType name="getPriceAvailability">
        <xs:sequence>
            <xs:element maxOccurs="unbounded" minOccurs="0" name="skuList" type="tns:skuList" />
            <xs:element maxOccurs="unbounded" minOccurs="0" name="warehouse" type="tns:warehouse" />
            <xs:element name="hideZeroInv" type="xs:boolean" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="skuList">
        <xs:sequence>
            <xs:element minOccurs="0" name="synnexSku" type="xs:int" />
            <xs:element minOccurs="0" name="specialPriceType" type="tns:specialPriceType" />
            <xs:element minOccurs="0" name="mfgPartNumber" type="xs:string" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="getPriceAvailabilityResponse">
        <xs:sequence>
            <xs:element minOccurs="0" name="return" type="tns:pnaResponse" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="pnaResponse">
        <xs:sequence>
            <xs:element maxOccurs="unbounded" name="priceAvailabilityList" type="tns:pnaDetail" />
            <xs:element name="errorMessage" type="xs:string" />
            <xs:element name="errorDetail" type="xs:string" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="pnaDetail">
        <xs:sequence>
            <xs:element name="synnexSku" type="xs:int" />
            <xs:element name="mfgPartNumber" type="xs:string" />
            <xs:element name="mfgCode" type="xs:int" />
            <xs:element name="status" type="tns:pnaPartStatus" />
            <xs:element name="shortDescription" type="xs:string" />
            <xs:element name="globalProductStatusCode" type="tns:pnaPartStatus" />
            <xs:element name="resellerPrice" type="xs:double" />
            <xs:element name="totalQuantity" type="xs:int" />
            <xs:element name="totalOnOrder" type="xs:int" />
            <xs:element name="totalBO" type="xs:int" />
            <xs:element maxOccurs="unbounded" name="availabilityByWarehouseList" type="tns:availabilityByWarehouse" />
            <xs:element name="lineNumber" type="xs:int" />
            <xs:element minOccurs="0" name="specialPriceType" type="tns:specialPriceType" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="availabilityByWarehouse">
        <xs:sequence>
            <xs:element name="warehouseInfo" type="tns:warehouseInfo" />
            <xs:element name="quantity" type="xs:int" />
            <xs:element maxOccurs="unbounded" minOccurs="0" name="ETAList" type="tns:availETA" />
            <xs:element name="OnOrder" type="xs:int" />
            <xs:element name="BO" type="xs:int" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="warehouseInfo">
        <xs:sequence>
            <xs:element name="warehouse" type="tns:warehouse" />
            <xs:element name="zipCode" type="xs:string" />
            <xs:element name="city" type="xs:string" />
            <xs:element name="address" type="xs:string" />
        </xs:sequence>
    </xs:complexType>
    <xs:complexType name="availETA">
        <xs:sequence>
            <xs:element minOccurs="0" name="ETA" type="xs:string" />
            <xs:element name="QTY" type="xs:int" />
        </xs:sequence>
    </xs:complexType>
    <xs:simpleType name="specialPriceType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="PROMOTION" />
            <xs:enumeration value="FEDERALGOVERNMENT" />
            <xs:enumeration value="STATEGOVERNMENT" />
            <xs:enumeration value="EDUCATION" />
        </xs:restriction>
    </xs:simpleType>
    <xs:simpleType name="warehouse">
        <xs:restriction base="xs:string">
            <xs:enumeration value="ANY" />
            <xs:enumeration value="CLOSEST" />
            <xs:enumeration value="MULTIPLE" />
            <xs:enumeration value="DNV" />
            <xs:enumeration value="DFR" />
            <xs:enumeration value="DAT" />
            <xs:enumeration value="DTX" />
            <xs:enumeration value="DCH" />
            <xs:enumeration value="DTN" />
            <xs:enumeration value="DNJ" />
            <xs:enumeration value="DDC" />
            <xs:enumeration value="DOR" />
            <xs:enumeration value="DLA" />
            <xs:enumeration value="DCC" />
            <xs:enumeration value="DOH" />
            <xs:enumeration value="DFL" />
            <xs:enumeration value="DDS" />
            <xs:enumeration value="UNKNOWN" />
            </xs:restriction>
    </xs:simpleType>
    <xs:simpleType name="pnaPartStatus">
        <xs:restriction base="xs:string">
            <xs:enumeration value="DISCONTINUED" />
            <xs:enumeration value="INACTIVE" />
            <xs:enumeration value="ACTIVE" />
            <xs:enumeration value="NOTAUTHORIZED" />
            <xs:enumeration value="NOTSETUP" />
            <xs:enumeration value="NOTFOUND" />
            <xs:enumeration value="UNKNOWN" />
        </xs:restriction>
    </xs:simpleType>
</xs:schema>
  </wsdl:types>
  <wsdl:message name="getPriceAvailability">
    <wsdl:part element="tns:getPriceAvailability" name="parameters">
    </wsdl:part>
  </wsdl:message>
  <wsdl:message name="getPriceAvailabilityResponse">
    <wsdl:part element="tns:getPriceAvailabilityResponse" name="parameters">
    </wsdl:part>
  </wsdl:message>
  <wsdl:portType name="PriceAvailabilityService" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" wsp:PolicyURIs="#UTOverTransport">
    <wsdl:operation name="getPriceAvailability">
      <wsdl:input message="tns:getPriceAvailability" name="getPriceAvailability">
    </wsdl:input>
      <wsdl:output message="tns:getPriceAvailabilityResponse" name="getPriceAvailabilityResponse">
    </wsdl:output>
    </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="PriceAvailabilityServiceV02SoapBinding" type="tns:PriceAvailabilityService">
    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
    <wsdl:operation name="getPriceAvailability">
      <soap:operation soapAction="" style="document" />
      <wsdl:input name="getPriceAvailability">
        <soap:body use="literal" />
      </wsdl:input>
      <wsdl:output name="getPriceAvailabilityResponse">
        <soap:body use="literal" />
      </wsdl:output>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="PriceAvailabilityServiceV02">
    <wsdl:port binding="tns:PriceAvailabilityServiceV02SoapBinding" name="PriceAvailabilityServicePort">
      <soap:address location="http://ws.synnex.com/webservice/pnaserviceV02" />
    </wsdl:port>
     <wsdl:port binding="tns:PriceAvailabilityServiceV02SoapBinding" name="PriceAvailabilityServicePort_UAT">
      <soap:address location="http://testws.synnex.com/webservice/pnaserviceV02" />
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>

1 个解决方案

解决方案1
 0 已采纳  2011-12-26 07:18:26

Answering my own question again...(not so bad though) 再次回答我自己的问题...(虽然还不错)

I discovered that I am in fact trying to connect to a CXF service http://cxf.apache.org/ 我发现我实际上是在尝试连接到CXF服务http://cxf.apache.org/

This particular service uses WS Security outlined here: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=wss 此特定服务使用此处概述的WS安全性: http ://www.oasis-open.org/committees/tc_home.php?wg_abbrev= wss

I am not the only one who has ran into this issue when attempting to connect to such a service using PHP, fortunately (for me) I found this post http://sastriawan.blogspot.com/2010/01/accessing-ws-security-protected.html 尝试使用PHP连接到此类服务时,我不是唯一一个遇到此问题的人,幸运的是(对我而言)我发现了这篇文章http://sastriawan.blogspot.com/2010/01/accessing-ws- security-protected.html

The link above clearly shows an example of how to use a class obtained from the University of Tornto's website, and another small library called 'xmlseclibs' that I found at Google Code http://code.google.com/p/xmlseclibs/ 上面的链接清楚地显示了如何使用从Tornto大学网站获得的类的示例,以及我在Google Code http://code.google.com/p/xmlseclibs/上找到的另一个名为“ xmlseclibs”的小型库。

I haven't studied the 'new' code extensively yet, but it appears that it handles putting the authentication into the header of the request, and is working for me just fine. 我还没有广泛研究“新”代码,但是看来它可以将身份验证放入请求的标头中,并且对我来说还不错。

I created a new class similar to the one on the blog that extends SoapClient and added my own auth credentials and am now able to connect to the server...only getting complaints about method variables missing...which I will fix shortly now that I can make a connection. 我在博客上创建了一个类似于SoapClient的新类,并添加了自己的身份验证凭据,现在可以连接到服务器...只收到有关方法变量缺失的投诉...我将在近期修复此问题我可以建立联系。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何确保数据库连接安全? - How do I make my database connection secure? 如何使用PHP检测安全连接(https)? - How to detect secure connection (https) using PHP? 我怎样才能使这个 PHP $_POST 更安全? - 或者它已经安全了吗? - How could I make this PHP $_POST more secure? -Or is it secure already? 如何使服务器上的文件夹安全? - How do i make folder on server secure? 我如何保护PHP表单? - How do I secure PHP forms? 我如何保护这个PHP脚本? - How do i secure this PHP script? 如何保护 PHP 中的用户登录 - How do I secure user login in PHP 如何使用PHP实现与MySQL数据库的持久连接? - How do i implement a persistent connection to a MySQL Database using PHP? 如何使用TAD类php解决连接问题 - How do I solve Connection problem using TAD class php 我如何使用 oAuth 和 php 设置 api linkedin 连接 - How do i setup a api linkedin connection using oAuth and php
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM