Friday, January 15, 2010

Accessing WS-Security protected (UsernameToken) WebService using PHP5 Soap

After battling for several hour trying to figure out on how to send WS-Security header using PHP5 Soap API, I finally managed to discover the work of the good people at University of Toronto . Using their example and the PHP code they posted on the website: soap-wsse.php and xmlseclibs.php, I have been able to test my CXF-powered webservice.

I have a web service running at http://localhost:9090/WS with WSDL url of http://localhost:9090/WS?wsdl. Using the following PHP script and following the direction from the University of Toronto (putting the two PHP scripts above in the same folder as my script), I have been able to call my webservice correctly.

class mySoap extends SoapClient {
   function __doRequest($request, $location, $saction, $version) {
    $doc = new DOMDocument('1.0');
    $objWSSE = new WSSESoap($doc);
    $objWSSE->addUserToken("admin", "admin", false);
    return parent::__doRequest($objWSSE->saveXML(), $location, $saction, $version);

$wsdl = 'http://localhost:9090/WS?wsdl';
$sClient = new mySoap($wsdl, array('trace'=>1));
$wrapper->word = new SoapVar("Echo testing", XSD_STRING);
$result = $sClient->echo($wrapper);

The resulting print out on the web is "Echo Testing". I hope this would help anyone that encountered similar problem.


Term Papers said...

I have been visiting various blogs for my term papers writing research. I have found your blog to be quite useful. Keep updating your blog with valuable information... Regards

dea dwitiya said...

pak,, saya mahasiswi yg sedanga mengerjakan Tugas Akhir, boleh bertanya mengenai ws-security??karena TA saya berhubungan dengan web service dan ws-security,,
blh minta contact personnya pak??