Michael Rasmussen wrote:
1) In PEAR::SOAP you were able to add a header handler inside the actual
server in which case clients could set mustUnderStand to true. In ext/SOAP
this is not working - or at least I have not been able to make it work:-)
you need to add the following to the LoginServer class on the server side:
public function authenticate($auth)
{
$this->uid = $auth->username;
$this->pwd = $auth->password;
}
this is executed when the SoapServer processes the headers.
2) Passing headers requires you to implement your own header parser and
overload Client::__doRequest if you want to be able to use a client
generated from a WSDL. Or you could stick to Client::__soapCall. The
server part PEAR::SOAP created a header handler automatically but in the
client you had to create your own header handler
3) I have not been able to figure out how to add it to a WSDL in a way
that clients automatically would create the appropriate headers.
Am not sure what you mean by the above 2. Have you looked at the
__setSoapHeaders() method (as of 5.0.5)? It takes an array of SoapHeader
objects to be added to the message.
4) Security would have to rely on HTTPS
Not necessarily. Can use the encryption to protect credentials and/or
digital signatures to prove identity.
5) Implementing WSSE is a task I have not been able to solve jet.
It is possible. I have been communicating with a .NET service that
requires wsa, wsu and wsse. The wsse is actually using xml-dsig with
x509. I am planning on writing about how to do all of this (including
adding xml-enc) in the near future.
On the server side, it is a bit more complicated and I have been doing
some research how to make it a little easier to accomplish these on that
end.
Rob
--
rrichards@ctindustries.net
author of Pro PHP XML and Web Services from Apress
--
PHP Soap Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
