4

I've been stuck with this for days now and I can't seem to find the answer anywhere, even though I think it's a fairly common task. Can anyone help?

I'm trying to use PHP and NuSOAP to connect to a web service. The web service requires me to both use an ssl certificate, and pass authentication parameters in the soap request. The request is supposed to look like this according to the admins of the web service:

<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
    <s:Header>
        <o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
            <o:UsernameToken>
                <o:Username>username</o:Username>
                <o:Password>password</o:Password>
            </o:UsernameToken>
        </o:Security>
    </s:Header>
    <s:Body>
        <PriceQuote xmlns="a_url">
            <PartnerProfileId>a_unique_partner_id_we_have</PartnerProfileId>
            <Reservation xmlns:d4p1="another_url" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">

                * a bunch of stuff

            </Reservation>
        </PriceQuote>
    </s:Body>
</s:Envelope>

I've been trying to figure out how to do this using NuSOAP. Right now, this is what I've got (I don't know how to pass the authentication parameters, or use the certificate files I have):

$client = new nusoap_client("https://endpoint_url");
$client->soap_defencoding = 'UTF-8'; 

$result = $client->call("PriceQuote", "");

// For debugging
echo '<h2>Request</h2>';
echo '<pre>' . htmlspecialchars($client->request, ENT_QUOTES) . '</pre>';
echo '<h2>Response</h2>';
echo '<pre>' . htmlspecialchars($client->response, ENT_QUOTES) . '</pre>';
echo '<h2>Debug</h2>';
echo '<pre>' . htmlspecialchars($client->debug_str, ENT_QUOTES) . '</pre>';

From using the debugging code above, I can see that this is the response I get from the web service:

HTTP/1.1 500 Internal Server Error
Date: Mon, 02 May 2011 13:42:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Content-Length: 347

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
    <s:Body>
        <s:Fault>
            <faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                a:InvalidSecurity
            </faultcode>
            <faultstring xml:lang="sv-SE">
                An error occurred when verifying security for the message.
            </faultstring>
        </s:Fault>
    </s:Body>
</s:Envelope>

This response is of course not surprising, since I'm not passing any authentication parameters in the request.

Does anyone know how I can pass the username and password in the Header of the SOAP request, as well as how I use the ssl certificate files I have? As you can probably tell, I'm pretty new to web services and NuSOAP. If something in my question doesn't make sense, please let me know.

Erik Frisk
  • 219
  • 2
  • 5
  • 13

1 Answers1

2

if you don't need to you nu_soap you can solve the problem via below script 

<?PHP
$client = new SoapClient("http://Your Wsdl Location", array("trace" => 0));
$HeaderSecurity = array("UsernameToken"=>array("Username"=>"YourUserName",
                                          "Password"=>"YourPassword",
                                )

);

$header[] = new SoapHeader("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd","Security",$HeaderSecurity);

$client->__setSoapHeaders($header);
//$client->__setLocation("https://YourTargetLocation/"); if you have wsdl file you don't need to use this line 
$REsponse = $client->YourRequest();
?>
Mustafa
  • 140
  • 1
  • 9
  • Thanks for the quick response Mustafa. Using this (slightly modified as I'm working without a wsdl file) I still get an error: **Fatal error: Uncaught SoapFault exception: [a:InvalidSecurity] An error occurred when verifying security for the message.** Could this be because I'm still not using the ssl certificate files? If so, do you know how I can include them? – Erik Frisk May 02 '11 at 15:23
  • maybe you can try passing direct xml line (this is for nu_soap) : `$client->call('MethodName',$RequestXml,NULL,"MethodName",NULL,NULL,"document");` pass the xml in `$RequestXml` and type your MethodNames in example. – Mustafa May 02 '11 at 15:32
  • Thanks! I modified your suggestion to also include the header xml: `$result = $client->call("PriceQuote",$RequestBody,NULL,"PriceQuote",$RequestHeader,NULL,"document");`. This gave me a new error: **...ContractFilter mismatch at the EndpointDispatcher. This may be because of either a contract mismatch (mismatched Actions between sender and receiver) or a binding/security mismatch between the sender and the receiver. Check that sender and receiver have the same contract and the same binding (including security requirements, e.g. Message, Transport, None).** Could it be the missing SSL certs? – Erik Frisk May 02 '11 at 16:35
  • Unfortunately not :( But it's not something known or something you find documentation for online. – Erik Frisk May 02 '11 at 17:47
  • 1
    It turns out the final errors were due to how the soap request was formatted (the web service didn't like the formatting and responded with an Internal Server Error). Mustafa's suggestion in the comments really helped though! I used his method in the end. – Erik Frisk May 20 '11 at 10:33