PHP SOAP Security header

Question

I'm starting with SOAP / PHP and have to send a security. IT's drving me crazy, I have tried a dozen approachesd found here but nothing works. Here is the header excpected by the service - how can I send it?

<soapenv:Envelope
    xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:v1="http://v1.cc.b2c.ws.rcs.buergel.de/">
    <soapenv:Header>
        <wsse:Security soapenv:mustUnderstand="1"
            xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:UsernameToken wsu:Id="UsernameToken-6">
                <wsse:Username>99999999</wsse:Username>
                <wsse:Password  Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
                99999999
                </wsse:Password>
                <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
                920ffm0dBhbpa4/Q7ZYGsQ==
                </wsse:Nonce>
                <wsu:Created>2013-07-18T11:01:27.312Z</wsu:Created>
            </wsse:UsernameToken>
        </wsse:Security>
    </soapenv:Header>
</soapenv:Envelope>

I used this approach last: Connecting to WS-Security protected Web Service with PHP and get following error:

public 'faultstring' => string 'An error was discovered processing the header' (length=61) public 'faultcode' => string 'ns1:InvalidSecurity' (length=19)

I really appreciate every help - thanks in advance.

Here is my current php code.

   /**
 * This function implements a WS-Security digest authentification for PHP.
 *
 * @access private
 * @param string $user
 * @param string $password
 * @return string
 */
function generateWSSecurity($user, $password)
{
    // Creating date using yyyy-mm-ddThh:mm:ssZ format
    $tm_created = gmdate('Y-m-d\TH:i:s\Z');
    $tm_expires = gmdate('Y-m-d\TH:i:s\Z', gmdate('U') + 180);

    // Generating, packing and encoding a random number
    $simple_nonce = mt_rand();
    $encoded_nonce = base64_encode(pack('H*', $simple_nonce));

    // Compiling WSS string
    $passdigest = base64_encode(pack('H*',sha1(pack('H*', $simple_nonce) . pack('a*', $tm_created) . pack('a*', $password))));

    // Initializing namespaces
    $ns_envelope = 'http://schemas.xmlsoap.org/soap/envelope/';
    $ns_wsse = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
    $ns_wsu = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd';
    $password_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText';
    $encoding_type = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary';

    // Creating WSS identification header using SimpleXML
    $root = new \SimpleXMLElement('<root/>');

    $envelope = $root->addChild('soapenv:Envelope', null, $ns_envelope);

    $soapheader = $envelope->addChild('soapenv:Header');

    $security = $soapheader->addChild('wsse:Security', null, $ns_wsse);
    $security->addAttribute('soapenv:mustUnderstand','1');

    $usernameToken = $security->addChild('wsse:UsernameToken', null, $ns_wsse);
    $usernameToken->addChild('wsse:Username', $user, $ns_wsse);

    $password = $usernameToken->addChild('wsse:Password', $passdigest, $ns_wsse);
    $password->addAttribute('Type', $password_type);

    $nonce = $usernameToken->addChild('wsse:Nonce', $encoded_nonce, $ns_wsse);
    $nonce->addAttribute('EncodingType', $encoding_type);

    $usernameToken->addChild('wsu:Created', $tm_created, $ns_wsu);

    // Recovering XML value from that object
    $root->registerXPathNamespace('soapenv', $ns_envelope);
    $full = $root->xpath('/root/soapenv:Envelope');
    $auth = $full[0]->asXML();
    return $auth;
}

function soapClientWSSecurityHeader($user, $password)
{
    return new \SoapHeader('http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
            'Security', new \SoapVar(generateWSSecurity($user, $password), XSD_ANYXML), true
    );
}

$client = new \SoapClient('https://webservice?wsdl');
$client->__setSoapHeaders(soapClientWSSecurityHeader('user', 'pass'));

It works so far, but now I get this if I call any operation:

public 'faultstring' => string 'Bad credentials' (length=15) public 'faultcode' => string 'soap:Server' (length=11)

Any ideas?

Can you show us your PHP code you have now for setting the header? Did you see this topic already? http://stackoverflow.com/questions/953639/connecting-to-ws-security-protected-web-service-with-php — koenoe, Feb 11 '14 at 15:35
Yes, saw that already and tested around with attached php examples with no luck. It is no basic authentication. — Ole_S, Feb 12 '14 at 07:49
Found this question / answer which solved it. http://stackoverflow.com/questions/2987907/how-to-implement-ws-security-1-1-in-php5 — Ole_S, Feb 12 '14 at 15:46
Would you mind posting your solution? I have exactly the same task to do, but I don't get it... Thank you — Floyd, Dec 04 '14 at 10:23
Sorry, it was to long ago and I finally don't complete this project — Ole_S, Dec 05 '14 at 11:43
I have the exact same task, have you solved this? does it work? I also get the Bad Credentials error. If you solved this please create an answer with your example. — lewis4u, Jan 08 '19 at 20:35
No I don't. But do you checked the other thread I mentioned? — Ole_S, Jan 08 '19 at 21:48
Yes, I have tried, but I get errors: either this: Bad Credentials or Uncaught SoapFault exception: [ns1:InvalidSecurityToken] — lewis4u, Jan 09 '19 at 08:17
I discussed this issue with a colleague and he runs into the same problem. SOAP is a pain imho. — Ole_S, Jan 15 '19 at 08:16

PHP SOAP Security header

0 Answers0