Hi All!

I'm apparently doing something very wrong here... I can't get my soap client to send the security certificate which a valid .pem file and because of that the subsequent calls are failing.

What do I have to do to get the soap client to send the pem file?

Thanks,

Pete

<?php
  $wsdl = "open.wsdl";
  
  // setup the transaction array
  $header = array('local_cert' => "certificate.pem",
                  'logonUser'  => "user_name",
                  'style'      => SOAP_DOCUMENT,
                  'use'        => SOAP_LITERAL,
                  'exceptions' => true,
                  'trace'      => true);                  
    
  // create the soap client, this will log us in
  $client = new SoapClient($wsdl, $header);

  try
  { 
    $response = $client->getMessage($parameters);
  }
  catch (Exception $e) 
  {
    dumpVars($client->__getLastRequest()); 
    echo 'Caught exception: ',  $e->getMessage(), "\n"; 
  }
?>

Notice how none of the header info is being sent and no security certificate!

<?xml version="1.0" encoding="UTF-8"?>
    <SOAP-ENV:Envelope 
      xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
      xmlns:ns1="http://domain.com/soap_request" 
      xmlns:ns2="http://domain.com/soap_request/">
      <SOAP-ENV:Body>
        <ns2:getMessageTypeDef>
        <ns1:requestAPI>API_TYPE1</ns1:requestAPI>
        <ns1:requestOperation>getMessageByDate</ns1:requestOperation>
        </ns2:getMessageTypeDef>
      </SOAP-ENV:Body>
    </SOAP-ENV:Envelope>

Apparently, PHP does not support WS security in its soap class so, its not that I'm doing something wrong... its php!

Apparently, PHP does not support WS security in its soap class so, its not that I'm doing something wrong... its php!

How did you ended with that opinion (that PHP is the problem?). Take a good look at examples in http://www.php.net/manual/en/soapclient.soapclient.php . Are you sure about the “logonUser” key that you are using ?

Simple. PHP does not natively support WS-Security in its SoapClient class nor in its SoapServer class. You have to superclass the php soap class and add support.

Comparing other tools: .net, ruby etc. they all support ws-security natively so with a few clicks you have it taken care of.

Dont get me wrong, I'm a huge PHP fan but it does have a few gaping wholes.

I understand your point, but since I write rarely in .net and have more flight hours with Java , so the word “natively” has a little meaning to me. I have never tried to use WS-Secure in PHP , although what I’ve read in php.net pointed that it is easy as well. Take a look at http://wso2.org/library/2814 (just searching about it). Hope you find your way to it easily, and maybe the best way is what you said, to create a super class covering your needs.

Natively means the functions are built in and can be made to work with little effort. Having to extend classes etc. is not natively.

I learned in my early days of programming that just because it looks easy doenst mean its the right thing to do! LOL