php soap not sending security .pem certificate

Question

ppetree 2 Junior Poster

13 Years Ago

Hi All!

I'm apparently doing something very wrong here... I can't get my soap client to send the security certificate which a valid .pem file and because of that the subsequent calls are failing.

What do I have to do to get the soap client to send the pem file?

Thanks,

Pete

<?php
  $wsdl = "open.wsdl";
  
  // setup the transaction array
  $header = array('local_cert' => "certificate.pem",
                  'logonUser'  => "user_name",
                  'style'      => SOAP_DOCUMENT,
                  'use'        => SOAP_LITERAL,
                  'exceptions' => true,
                  'trace'      => true);                  
    
  // create the soap client, this will log us in
  $client = new SoapClient($wsdl, $header);

  try
  { 
    $response = $client->getMessage($parameters);
  }
  catch (Exception $e) 
  {
    dumpVars($client->__getLastRequest()); 
    echo 'Caught exception: ',  $e->getMessage(), "\n"; 
  }
?>

Notice how none of the header info is being sent and no security certificate!

<?xml version="1.0" encoding="UTF-8"?>
    <SOAP-ENV:Envelope 
      xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
      xmlns:ns1="http://domain.com/soap_request" 
      xmlns:ns2="http://domain.com/soap_request/">
      <SOAP-ENV:Body>
        <ns2:getMessageTypeDef>
        <ns1:requestAPI>API_TYPE1</ns1:requestAPI>
        <ns1:requestOperation>getMessageByDate</ns1:requestOperation>
        </ns2:getMessageTypeDef>
      </SOAP-ENV:Body>
    </SOAP-ENV:Envelope>

api cybersecurity php

2 Contributors
5 Replies
3K Views
2 Days Discussion Span
Latest Post 13 Years Ago Latest Post by ppetree

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

ppetree 2 Junior Poster · Answer 1 · 2011-08-01T19:43:33+00:00

Apparently, PHP does not support WS security in its soap class so, its not that I'm doing something wrong... its php!

jkon 636 Posting Whiz in Training Featured Poster · Answer 2 · 2011-08-01T20:56:40+00:00

Apparently, PHP does not support WS security in its soap class so, its not that I'm doing something wrong... its php!

How did you ended with that opinion (that PHP is the problem?). Take a good look at examples in http://www.php.net/manual/en/soapclient.soapclient.php . Are you sure about the “logonUser” key that you are using ?

ppetree 2 Junior Poster · Answer 3 · 2011-08-01T21:11:33+00:00

Simple. PHP does not natively support WS-Security in its SoapClient class nor in its SoapServer class. You have to superclass the php soap class and add support.

Comparing other tools: .net, ruby etc. they all support ws-security natively so with a few clicks you have it taken care of.

Dont get me wrong, I'm a huge PHP fan but it does have a few gaping wholes.

jkon 636 Posting Whiz in Training Featured Poster · Answer 4 · 2011-08-01T21:43:46+00:00

I understand your point, but since I write rarely in .net and have more flight hours with Java , so the word “natively” has a little meaning to me. I have never tried to use WS-Secure in PHP , although what I’ve read in php.net pointed that it is easy as well. Take a look at http://wso2.org/library/2814 (just searching about it). Hope you find your way to it easily, and maybe the best way is what you said, to create a super class covering your needs.

ppetree 2 Junior Poster · Answer 5 · 2011-08-02T01:58:51+00:00

Natively means the functions are built in and can be made to work with little effort. Having to extend classes etc. is not natively.

I learned in my early days of programming that just because it looks easy doenst mean its the right thing to do! LOL