如何在php5中实现ws-security 1.1

发布时间：2020-12-13 13:35:32 所属栏目：PHP教程来源：网络整理

导读：我试图在 PHP5中使用Soap调用Web服务,为此,我需要使用WS-Security 1.1. (在java和.NET中,这都是自动生成的.) 是否有任何框架可用于在PHP中轻松生成安全标头？或者我必须自己添加整个标头？ WS-Security 1.1：http://oasis-open.org/committees/download.php/

我试图在 PHP5中使用Soap调用Web服务,为此,我需要使用WS-Security 1.1.

(在java和.NET中,这都是自动生成的.)

是否有任何框架可用于在PHP中轻松生成安全标头？或者我必须自己添加整个标头？

WS-Security 1.1：http://oasis-open.org/committees/download.php/16790/wss-1.1-spec-os-SOAPMessageSecurity.pdf的规格

PHP Classes,Roger Veciana i Rovira提交了这个(我刚刚重新格式化了代码)：

class WSSoapClient extends SoapClient {

    private $username;
    private $password;
    /*Generates de WSSecurity header*/
    private function wssecurity_header() {

        /* The timestamp. The computer must be on time or the server you are
         * connecting may reject the password digest for security.
         */
        $timestamp = gmdate('Y-m-dTH:i:sZ');
        /* A random word. The use of rand() may repeat the word if the server is
         * very loaded.
         */
        $nonce = mt_rand();
        /* This is the right way to create the password digest. Using the
         * password directly may work also,but it's not secure to transmit it
         * without encryption. And anyway,at least with axis+wss4j,the nonce
         * and timestamp are mandatory anyway.
         */
        $passdigest = base64_encode(
                pack('H*',sha1(
                                pack('H*',$nonce) . pack('a*',$timestamp).
                                pack('a*',$this->password))));

        $auth = '
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.'.
'org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
    <wsse:Username>'.$this->username.'</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-'.
'wss-username-token-profile-1.0#PasswordDigest">'.$passdigest.'</wsse:Password>
    <wsse:Nonce>'.base64_encode(pack('H*',$nonce)).'</wsse:Nonce>
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-'.
'200401-wss-wssecurity-utility-1.0.xsd">'.$timestamp.'</wsu:Created>
   </wsse:UsernameToken>
</wsse:Security>
';

        /* XSD_ANYXML (or 147) is the code to add xml directly into a SoapVar.
         * Using other codes such as SOAP_ENC,it's really difficult to set the
         * correct namespace for the variables,so the axis server rejects the
         * xml.
         */
        $authvalues = new SoapVar($auth,XSD_ANYXML);
        $header = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-".
            "200401-wss-wssecurity-secext-1.0.xsd","Security",$authvalues,true);

        return $header;
    }

    /* It's necessary to call it if you want to set a different user and
     * password
     */
    public function __setUsernameToken($username,$password) {
        $this->username = $username;
        $this->password = $password;
    }


    /* Overwrites the original method adding the security header. As you can
     * see,if you want to add more headers,the method needs to be modifyed
     */
    public function __soapCall($function_name,$arguments,$options=null,$input_headers=null,$output_headers=null) {

        $result = parent::__soapCall($function_name,$options,$this->wssecurity_header());

        return $result;
    }
}

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!