如何在PHP5中實現ws-security 1.1

Question

我想在PHP5中調用soap的webservice，爲此，我需要使用WS-Security 1.1。

（在Java和.NET這是所有自動生成的。）

是否有提供給PHP容易產生安全報頭的任何框架？或者我必須自己添加整個標題？ 1.1的WS-Security的

規格：http://oasis-open.org/committees/download.php/16790/wss-1.1-spec-os-SOAPMessageSecurity.pdf

Answer 1

在PHP Classes，羅傑Veciana我羅維拉提交這個（我只是重新格式化代碼）：

class WSSoapClient extends SoapClient { 

    private $username; 
    private $password; 
    /*Generates de WSSecurity header*/ 
    private function wssecurity_header() { 

     /* The timestamp. The computer must be on time or the server you are 
     * connecting may reject the password digest for security. 
     */ 
     $timestamp = gmdate('Y-m-d\TH:i:s\Z'); 
     /* A random word. The use of rand() may repeat the word if the server is 
     * very loaded. 
     */ 
     $nonce = mt_rand(); 
     /* This is the right way to create the password digest. Using the 
     * password directly may work also, but it's not secure to transmit it 
     * without encryption. And anyway, at least with axis+wss4j, the nonce 
     * and timestamp are mandatory anyway. 
     */ 
     $passdigest = base64_encode(
       pack('H*', 
         sha1(
           pack('H*', $nonce) . pack('a*',$timestamp). 
           pack('a*',$this->password)))); 

     $auth = ' 
<wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.'. 
'org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 
<wsse:UsernameToken> 
    <wsse:Username>'.$this->username.'</wsse:Username> 
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-'. 
'wss-username-token-profile-1.0#PasswordDigest">'.$passdigest.'</wsse:Password> 
    <wsse:Nonce>'.base64_encode(pack('H*', $nonce)).'</wsse:Nonce> 
    <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-'. 
'200401-wss-wssecurity-utility-1.0.xsd">'.$timestamp.'</wsu:Created> 
    </wsse:UsernameToken> 
</wsse:Security> 
'; 

     /* XSD_ANYXML (or 147) is the code to add xml directly into a SoapVar. 
     * Using other codes such as SOAP_ENC, it's really difficult to set the 
     * correct namespace for the variables, so the axis server rejects the 
     * xml. 
     */ 
     $authvalues = new SoapVar($auth,XSD_ANYXML); 
     $header = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-". 
      "200401-wss-wssecurity-secext-1.0.xsd", "Security", $authvalues, 
       true); 

     return $header; 
    } 

    /* It's necessary to call it if you want to set a different user and 
    * password 
    */ 
    public function __setUsernameToken($username, $password) { 
     $this->username = $username; 
     $this->password = $password; 
    } 


    /* Overwrites the original method adding the security header. As you can 
    * see, if you want to add more headers, the method needs to be modifyed 
    */ 
    public function __soapCall($function_name, $arguments, $options=null, 
      $input_headers=null, $output_headers=null) { 

     $result = parent::__soapCall($function_name, $arguments, $options, 
       $this->wssecurity_header()); 

     return $result; 
    } 
}