0

I try to create script for communication with WS-Security (for the first time) in PHP:

require ('WSSoapClient.php');
$soapclient = new WSSoapClient('https://katastr.cuzk.cz/trial/dokumentace/ws22/wsdp/vyhledat_v22.wsdl');
$soapclient->__setUsernameToken('username', 'password');
$params = array('katastrUzemiKod'=>693936, 'kmenoveCislo'=>1385);
$response = $soapclient->__soapCall('najdiParcelu', $params);
var_dump($response);

And this script failed:

PHP Fatal error: Uncaught SoapFault exception: [wsse:InvalidSecurity] Error on verifying message against security policy Error code:1000 in /home/jura/bin/WSSoapClient.php:75

Is any way to see, what this script exactly sent to server and what was the response?

Bruce
  • 1,647
  • 4
  • 20
  • 22
user1445977
  • 21
  • 1
  • 5

1 Answers1

1

The problem is the $soapclient->__setUsernameToken('username', 'password') function is expecting a 3rd parameter of either 'PasswordDigest' or 'PasswordText'.

This is badly handled in the WSSoapClient class. It should really throw an exception if the passwordType argument is missing. What it tries to do is this:

// $this->generateWSSecurityHeader() returns an empty string if 3rd parameter missing.

$this->__setSoapHeaders($this->generateWSSecurityHeader());

If PHP is in strict mode like mine you would get these warnings:

PHP Warning: SoapClient::__setSoapHeaders(): Invalid SOAP header...

Warning: SoapClient::__setSoapHeaders(): Invalid SOAP header...

You need to figure out the password type and pass that as your 3rd argument in the setUsernameToken() function.

RyanNerd
  • 3,059
  • 1
  • 22
  • 28
  • to fix Invalid SOAP heade you need to add network access from salesforce as mentioned https://developer.salesforce.com/forums/?id=906F00000008pAhIAI – Ruwantha Oct 26 '16 at 07:16