0 votes
2.5k views
in General by (200 points)

$wsdl = 'http://192.168.5.234:3333/AuthWSSecurity/services/AuthHelloWS?wsdl';
$local_cert = 'client_load.pem';
$passphrase = 'password';
$client = new SoapClient($wsdl, array('trace'=>true, 'exceptions'=>true, 'local_cert' => $local_cert, 'passphrase' => $passphrase));
$request = array(
"name" => 'welcome'
);
$results = $client->authHelloWS($request);
var_dump($results); 

Result: 
Fatal error: Uncaught SoapFault exception: [wsse:InvalidSecurity] Missing wsse:Security header in request in D:\wamp\www\soap\test\test_new_soap.php:98 Stack trace: #0 D:\wamp\www\soap\test\test_new_soap.php(98): SoapClient->__call('authHelloWS', Array) #1 D:\wamp\www\soap\test\test_new_soap.php(98): SoapClient->authHelloWS(Array) #2 {main} thrown in D:\wamp\www\soap\test\test_new_soap.php on line 98

2 Answers

0 votes
by
Can you try https instead of http in the URL ?
by (200 points)
Tried getting same error ..
0 votes
by

Simply extend the SoapHeader to create a Wsse compilant authentication:

class WsseAuthHeader extends SoapHeader {

private $wss_ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';

function __construct($user, $pass, $ns = null) {
    if ($ns) {
        $this->wss_ns = $ns;
    }

    $auth = new stdClass();
    $auth->Username = new SoapVar($user, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns); 
    $auth->Password = new SoapVar($pass, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);

    $username_token = new stdClass();
    $username_token->UsernameToken = new SoapVar($auth, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns); 

    $security_sv = new SoapVar(
        new SoapVar($username_token, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns),
        SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'Security', $this->wss_ns);
    parent::__construct($this->wss_ns, 'Security', $security_sv, true);
}
}



$wsse_header = new WsseAuthHeader($username, $password);
$x = new SoapClient('{...}', array("trace" => 1, "exception" => 0));
$x->__setSoapHeaders(array($wsse_header));

If you need to use ws-security with a nonce and a timestamp, Peter has posted an update version on http://php.net/manual/en/soapclient.soapclient.php#114976 of which he wrote that it did work for him:
class WsseAuthHeader extends SoapHeader
{
    private $wss_ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
    private $wsu_ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';

    function __construct($user, $pass)
    {
        $created    = gmdate('Y-m-d\TH:i:s\Z');
        $nonce      = mt_rand();
        $passdigest = base64_encode(pack('H*', sha1(pack('H*', $nonce) . pack('a*', $created) . pack('a*', $pass))));

        $auth           = new stdClass();
        $auth->Username = new SoapVar($user, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
        $auth->Password = new SoapVar($pass, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
        $auth->Nonce    = new SoapVar($passdigest, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
        $auth->Created  = new SoapVar($created, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wsu_ns);

        $username_token                = new stdClass();
        $username_token->UsernameToken = new SoapVar($auth, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns);

        $security_sv = new SoapVar(
            new SoapVar($username_token, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns),
            SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'Security', $this->wss_ns);
        parent::__construct($this->wss_ns, 'Security', $security_sv, true);
    }
}
by (200 points)
Thanks for your response still I am not able to get the response .. Please have look following response after binding..

class WsseAuthHeader extends SoapHeader {

private $wss_ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';

function __construct($user, $pass, $ns = null) {
    if ($ns) {
        $this->wss_ns = $ns;
    }

    $auth = new stdClass();
    $auth->Username = new SoapVar($user, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
    $auth->Password = new SoapVar($pass, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);

    $username_token = new stdClass();
    $username_token->UsernameToken = new SoapVar($auth, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns);

    $security_sv = new SoapVar(
        new SoapVar($username_token, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns),
        SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'Security', $this->wss_ns);
    parent::__construct($this->wss_ns, 'Security', $security_sv, true);
}
}

$wsdlfile='http://192.168.5.234:3333/AuthWSSecurity/services/AuthHelloWS?wsdl';
$username='apache';
$password='apachepwd';
$wsse_header = new WsseAuthHeader($username, $password);
$x = new SoapClient($wsdlfile, array("trace" => 1, "exception" => 0));
$x->__setSoapHeaders(array($wsse_header));



$request = array(
"name" => 'welcome'
);
$results = $x->authHelloWS($request);
var_dump($results);


Result :

Fatal error: Uncaught SoapFault exception: [ns2Xvpn:InvalidSecurityToken] An invalid security token was provided (An error happened processing a Username Token "{0}") in D:\wamp\www\soap\test\test_new_soap.php:262 Stack trace: #0 D:\wamp\www\soap\test\test_new_soap.php(262): SoapClient->__call('authHelloWS', Array) #1 D:\wamp\www\soap\test\test_new_soap.php(262): SoapClient->authHelloWS(Array) #2 {main} thrown in D:\wamp\www\soap\test\test_new_soap.php on line 262


-----------------------------------------------------------------------------------------------------


class WsseAuthHeader extends SoapHeader {

private $wss_ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
private $wsu_ns = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';

function __construct($user, $pass) {

    $created = gmdate('Y-m-d\TH:i:s\Z');
    $nonce = mt_rand();
    $passdigest = base64_encode( pack('H*', sha1( pack('H*', $nonce) . pack('a*',$created).  pack('a*',$pass))));

    $auth = new stdClass();
    $auth->Username = new SoapVar($user, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
    $auth->Password = new SoapVar($pass, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
    $auth->Nonce = new SoapVar($passdigest, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wss_ns);
    $auth->Created = new SoapVar($created, XSD_STRING, NULL, $this->wss_ns, NULL, $this->wsu_ns);

    $username_token = new stdClass();
    $username_token->UsernameToken = new SoapVar($auth, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns);

    $security_sv = new SoapVar(
        new SoapVar($username_token, SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'UsernameToken', $this->wss_ns),
        SOAP_ENC_OBJECT, NULL, $this->wss_ns, 'Security', $this->wss_ns);
    parent::__construct($this->wss_ns, 'Security', $security_sv, true);
}
}



$client = new SoapClient("http://192.168.5.234:3333/AuthWSSecurity/services/AuthHelloWS?wsdl");
$client->__setSoapHeaders(Array(new WsseAuthHeader("apache", "apachepwd")));


$request = array(
"name" => 'welcome'
);
$results = $client->authHelloWS($request);
var_dump($results);



Result :

Fatal error: Uncaught SoapFault exception: [ns2Xvpn:InvalidSecurityToken] An invalid security token was provided (An error happened processing a Username Token "{0}") in D:\wamp\www\soap\test\test_new_soap.php:306 Stack trace: #0 D:\wamp\www\soap\test\test_new_soap.php(306): SoapClient->__call('authHelloWS', Array) #1 D:\wamp\www\soap\test\test_new_soap.php(306): SoapClient->authHelloWS(Array) #2 {main} thrown in D:\wamp\www\soap\test\test_new_soap.php on line 306
by (200 points)
edited by

Related questions

0 votes
1 answer 2.5k views
0 votes
1 answer 649 views
asked Jan 23, 2022 in General by Sarath
0 votes
1 answer 603 views
asked Oct 29, 2021 in General by anonymous
0 votes
1 answer 593 views
asked Oct 29, 2021 in General by anonymous
...