我尝试使用usernameToken调用合作伙伴WS。我在php5.2.x下使用ws02 wsf_2.0.0,它很有用。现在我们想要迁移基于php5.3的不同解决方案,幸运的是,ws02提供了一个兼容php5.3的2.1.0标签。我花时间阅读这个新版本的新功能和文档,特别是关于usernameToken。我通过证书和私钥了解了此版本使用的有关usernameToken的签名。我猜想是AsymetricTransportBinding策略的b/c。在我的情况下,我不想通过证书或任何东西签署任何东西。我还了解到,ws02在单独的xml文件中提供了一种回退,以避免任何签名。WS02/WSF PHP 2.1.0 UsernameToken问题
阅读了很多帖子后,论坛我需要社区的一些帮助b/c我完全卡住了。
下面是用于请求在所述PHP5.3 WS代码 - WSF 2.1.0(使用HTTP)
$policy = new \WSPolicy($policy); ($policy is the one from the call_back folder with a file_get_contents())
$security = new \WSSecurityToken(array(
'user' => 'my_username',
'password' => 'my_password',
'passwordType' => 'Digest',
'ttl' => '300'
));
$this->oSoapClient = new \WSClient(array(
wsdl: http://www.xxx.xx/comparatorservices/CalculationService?WSDL
to: http://www.xxx.xx/comparatorservices/CalculationService
useWSA: true
useSOAP: 1.1,
policy: $policy,
securityToken: $security
));
$proxy = $this->oSoapClient->getProxy();
$response = $proxy->wykonajKalkulacje($MySuperRequestObject);
在这个步骤:
- 我激活调试迹线(日志级别4)
我确认我 “到” 使用HTTP accoring到WSDL定义
WSDL:端口名称=“CalculationService HTTPPORT”绑定= “TNS:CalculationServiceHttpBinding” 的wsdlsoap:地址位置= “HTTP://www.xxxx.xx/comparatorservices/CalculationService” /WSDL:端口
现在,我抓住这个:
[Wed Jul 25 05:22:53 2012] [error] rampart_in_handler.c(91) [rampart]SOAP header cannot be found.
[Wed Jul 25 05:22:53 2012] [error] phase.c(224) Handler RampartInHandler invoke failed within phase Security
[Wed Jul 25 05:22:53 2012] [error] engine.c(657) Invoking phase Security failed
[Wed Jul 25 05:22:53 2012] [error] engine.c(262) Invoking operation specific phases failed for operation __OPERATION_OUT_IN__
[Wed Jul 25 05:22:53 2012] [error] /home/agruet/08_KRK_sources/wso2-wsf-php-src-2.1.0/src/wsf_wsdl.c(1226) [wsf_wsdl] Response envelope not found
所以我的第一个想法是嗅探工作(wsf_2.0.0/php5.2.x)和breaked(wsf_2.1.0/PHP5.3)
之间的交通,特别是SOAP头这里是2.0.0(working)
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>my_username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
hashed(my_password)
</wsse:Password>
<wsse:Nonce>hashed</wsse:Nonce>
<wsu:Created>2012-07-26T20:40:26.991Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
而且2.1.0(不工作/ breaked)
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>my_username</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">hashed(my_password)</wsse:Password>
<wsse:Nonce>hashed</wsse:Nonce>
<wsu:Created>2012-07-25T00:44:56.758Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
就像你看到的,唯一的区别来自于WSSE:安全命名空间。 (缺少的xmlns:soapenv =“http://schemas.xmlsoap.org/soap/envelope/)
而这一切......
在检查线91 rampart_in_handler.c根据调试日志说:
soap_header = axiom_soap_envelope_get_header(soap_envelope, env);
if(!soap_header)
{
/*No SOAP header, so no point of proceeding. FAIL*/
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "[rampart]SOAP header cannot be found.");
return AXIS2_FAILURE;
}
含义啊....在SOAP_HEADER是假的..但为什么会出现为了解释什么是错的任何聪明的家伙
诺塔1:?? 我检查发送到政策来自工作(2.0.0)的合作伙伴WS似乎是一个AsymetricBi使用nding ...在2.0.0版本中很奇怪,我们没有提供任何证书或密钥。
诺塔2: 我还试图用签署的用户名令牌的经典WSPolicy对象数组PARAMS - 我创建了一个X509证书和专用密钥,然后使用该函数来载入这些文件并使用阵列PARAMS将其加载到的WSSecurity构造函数...但我收到相同的错误/嗅探是一种痛苦B/C数据被加密或类似的东西(这似乎是正常的这种方式)
nota 3: 目前在Ubuntu10.04 -3LTS与预编译的php包从apt-get
PLZ帮助!