first off let me "warn" you that i am not a PHP developer and am pretty clueless about PHP. I'm the developer of the WCF Service in question and am trying to support the PHP developer on staff who is trying to consume this service.
首先让我“警告”你,我不是一个PHP开发人员,而且我对PHP很无能为力。我是有问题的WCF服务的开发人员,我正在尝试为尝试使用此服务的员工支持PHP开发人员。
He doesn't have a * login and is to busy beeing pissed off at WCF to type anything without profanity ;-)
他没有*登录,并且正忙着在WCF生气,输入任何没有*的东西;-)
Anyhow, the service is using the following security configuration:
无论如何,该服务使用以下安全配置:
<security mode="Message">
<message clientCredentialType="UserName" negotiateServiceCredential="true" algorithmSuite="Default" />
</security>
This means the message is encrypted over the line, i believe this requires a certificate which has been installed on the webserver and when consuming the service from .NET works without any problems at all.
这意味着消息是通过线路加密的,我相信这需要一个已经安装在Web服务器上的证书,并且当从.NET中使用服务时没有任何问题。
We've looked at fiddler communication and suspect RequestSecurityTokenResponse to be of import. I'm suspecting a handshake where a securitytoken is requested by the client, this is generated with a GUID as reference, the value is used to encrypt the request and the GUID is send as a reference.
我们看过fiddler通信并怀疑RequestSecurityTokenResponse是重要的。我怀疑客户端请求securitytoken的握手,这是使用GUID作为引用生成的,该值用于加密请求,GUID作为引用发送。
This is all speculation though, so far we have been unable to get the requests to even remotely look the same.
这是所有的猜测,到目前为止,我们一直无法得到甚至远程看起来相同的请求。
Any pointers in the right direction would be much appreciated.
任何指向正确方向的人都会非常感激。
So far we're trying this with WSE-PHP, which can be found through google.
到目前为止,我们正在尝试使用WSE-PHP,可以通过谷歌找到它。
EDIT:
编辑:
We've been able to confirm our thoughts with Fiddler and working clients do seem to do a handshake, there are three requests (and responses) in total which seem to exchange only security information, they are calling the following actions:
我们已经能够确认我们与Fiddler的想法,并且工作的客户似乎做了握手,总共有三个请求(和响应)似乎只交换安全信息,他们调用以下操作:
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT
After this last call a request is made with an action which seems to indicate a call to the actual webservice method:
在最后一次调用之后,使用一个动作发出请求,该动作似乎表示对实际webservice方法的调用:
http://XXXXXXXXXXXXXX/WCF/ICompany/TestConnection
This seems to have to do with SAML (i love you google) so i added this as a tag.
这似乎与SAML(我爱你google)有关,所以我将其添加为标签。
6 个解决方案
#1
1
Yes, there is support for WS-Security in PHP. Some assembly is required. See, for example, Secured Web Services with PHP. The WS-* specifications are written and implemented for interoperability, that is, so that the will operate across different platforms, vendors, transports, and languages. It is widely adopted, and the 1.1 version has been an OASIS standard since 2006.
是的,PHP中支持WS-Security。需要一些装配。例如,参见使用PHP的安全Web服务。 WS- *规范是为了互操作性而编写和实现的,也就是说,它将在不同的平台,供应商,传输和语言中运行。它被广泛采用,自2006年以来,1.1版本一直是OASIS标准。
Perhaps it would help defuse the tenion and be instructive if your PHP developer would show the ability to consume any web service that uses WS-Security, just to take your service and WCF out of the equation for a little while.
如果您的PHP开发人员能够使用任何使用WS-Security的Web服务,只是为了让您的服务和WCF在一段时间内脱离等式,这可能有助于化解Tenion并具有指导意义。
#2
1
Why dont you setup a platform independent UI project using something like SOAP UI where it will enable you to have automated tests against your WCF service, guaranteeing your contracts are sound while benefiting the PHP consumer. The reason this benefits the PHP consumer is that he will have automated test cases which he can profile/run/precident he can use to make his php side of things.
为什么不使用像SOAP UI这样的设置独立于平台的UI项目,它可以让您对WCF服务进行自动化测试,保证您的合同合理,同时使PHP消费者受益。这对PHP消费者有利的原因是他将拥有自动测试用例,他可以使用这些测试用例来分析/运行/预先设置他可以用来制作他的php方面的东西。
One thing to note is that .net namespacing can cause issues for other languages with SOAP. I really really recommend you investigate SOAP UI or a free alternative. Possibly an alternative that is free is fiddler, however I believe that is not automated.
需要注意的一点是.net命名空间可能会导致SOAP使用其他语言出现问题。我真的建议您调查SOAP UI或免费替代方案。可能是免费的替代品是提琴手,但我认为这不是自动化的。
Here are some other helpers for your PHP consumer: http://weblogs.asp.net/gunnarpeipman/archive/2007/09/17/using-wcf-services-with-php.aspx http://cgeers.com/2009/08/20/using-wcf-services-with-php-5/
以下是PHP消费者的一些其他帮助:http://weblogs.asp.net/gunnarpeipman/archive/2007/09/17/using-wcf-services-with-php.aspx http://cgeers.com/2009 / 08/20 /使用的WCF服务与 - PHP-5 /
#3
1
After my long workout for Email WCF service with attachment. Now i am able to send an email from PHP using WCF service. Here is code snippet.
经过长时间的电子邮件WCF服务与附件的锻炼后。现在我可以使用WCF服务从PHP发送电子邮件。这是代码片段。
<?php
ini_set('display_errors',1);
require_once ('nusoap.php');
$parameters= new StdClass();
$parameters->emailinfo = new StdClass();
$fileAttachmentPath = 'example.csv';
$data = base64_encode(file_get_contents($fileAttachmentPath));
$parameters->emlinfo->NoFileInfo = true;
$parameters->emlinfo->FileNameWithExt = "example.csv";
$parameters->emlinfo->FileContentBase64 = $data;
//$parameters->emlinfo->FileAttachment = $parameters->ArrayOfFileAttachment;
//$parameters->emlinfo->FileAttachment = (array) $parameters->emlinfo->FileAttachment;
$parameters->emlinfo->MailTo='';
$parameters->emlinfo->MailFrom='';
$parameters->emlinfo->MailMessage='';
$parameters->emlinfo->MailBody='';
$parameters->emlinfo->MailSubject='';
$parameters->emlinfo->MailType='';
$parameters->emlinfo->UserId='';
$parameters->emlinfo->Password='';
$parameters->emlinfo->SmtpId='';
$parameters->emlinfo->Token='';
$parameters->emlinfo->ApplicationId='';
$parameters->emlinfo->VisitorName='';
$parameters->emlinfo->VendorId='';
$parameters->emlinfo->ReplyTo='';
try {
$braspag = new SoapClient('WSDL Sevice',
array(
'trace' => 1,
'exceptions' => 1,
'style' => SOAP_DOCUMENT,
'use' => SOAP_LITERAL,
'soap_version' => SOAP_1_1,
'encoding' => 'UTF-8'
)
);
//$SendEmailResponse = $braspag->__getTypes();
$SendEmailResponse = $braspag->SendEmail($parameters);
}
catch(SoapFault $fault) {
//echo 'Ocorreu um erro: ' , $fault->getMessage();
}
var_dump($parameters->emlinfo);
?>
Regards,
Rahul Soni.
#4
0
I don't know a lot about WCF but it seems that is SOAP based. You can start by looking at php Soap functions. I see that also supports JSON communication, check JSON functions from php.
我不太了解WCF,但它似乎是基于SOAP的。您可以从查看php Soap函数开始。我看到它也支持JSON通信,从php检查JSON函数。
#5
0
(this is a bit long to add as comment to Visual Stewart's answer)
(这有点长,作为对Visual Stewart答案的评论)
clientCredentialType="UserName"....This means the message is encrypted over the line
clientCredentialType =“UserName”....这意味着消息是通过线路加密的
Not really. The message is not encrypted, but it will be sent via SSL. From the published docs:
不是真的。邮件未加密,但会通过SSL发送。从已发布的文档:
Username
用户名
Allows the service to require that the client be authenticated with a user name credential. Note that WCF does not allow any cryptographic operations with user names, such as generating a signature or encrypting data. WCF ensures that the transport is secured when using user name credentials.
允许该服务要求使用用户名凭据对客户端进行身份验证。请注意,WCF不允许对用户名进行任何加密操作,例如生成签名或加密数据。 WCF确保在使用用户名凭据时传输是安全的。
--
-
Note the difference between the message and the transport.
请注意消息和传输之间的区别。
Authentication may be derived from a client certificate used for the transport, or negotiated (NTLM).
身份验证可以从用于传输或协商的客户端证书(NTLM)派生。
#6
0
If the server is configured with clientCredentialType="UserName" PHP consumer must use some WS-Security implementation to send Username and Password SOAP security headers to the server.
如果服务器配置了clientCredentialType =“UserName”,PHP使用者必须使用某些WS-Security实现将Username和Password SOAP安全头发送到服务器。
<soapenv:Envelope>
<soapenv:Header>
<wsse:Security >
<wsse:UsernameToken>
<wsse:Username>bob</ wsse:Username>
<wsse:Password Type="PasswordText">bob1</ wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body> ... </soapenvBody>
</soapenv:Envelope>
Keep in mind that the server can be configure to acept plain or hashed password. So the client must send plain or hashed password.
请记住,可以将服务器配置为接受普通密码或散列密码。因此客户端必须发送普通或散列密码。
#1
1
Yes, there is support for WS-Security in PHP. Some assembly is required. See, for example, Secured Web Services with PHP. The WS-* specifications are written and implemented for interoperability, that is, so that the will operate across different platforms, vendors, transports, and languages. It is widely adopted, and the 1.1 version has been an OASIS standard since 2006.
是的,PHP中支持WS-Security。需要一些装配。例如,参见使用PHP的安全Web服务。 WS- *规范是为了互操作性而编写和实现的,也就是说,它将在不同的平台,供应商,传输和语言中运行。它被广泛采用,自2006年以来,1.1版本一直是OASIS标准。
Perhaps it would help defuse the tenion and be instructive if your PHP developer would show the ability to consume any web service that uses WS-Security, just to take your service and WCF out of the equation for a little while.
如果您的PHP开发人员能够使用任何使用WS-Security的Web服务,只是为了让您的服务和WCF在一段时间内脱离等式,这可能有助于化解Tenion并具有指导意义。
#2
1
Why dont you setup a platform independent UI project using something like SOAP UI where it will enable you to have automated tests against your WCF service, guaranteeing your contracts are sound while benefiting the PHP consumer. The reason this benefits the PHP consumer is that he will have automated test cases which he can profile/run/precident he can use to make his php side of things.
为什么不使用像SOAP UI这样的设置独立于平台的UI项目,它可以让您对WCF服务进行自动化测试,保证您的合同合理,同时使PHP消费者受益。这对PHP消费者有利的原因是他将拥有自动测试用例,他可以使用这些测试用例来分析/运行/预先设置他可以用来制作他的php方面的东西。
One thing to note is that .net namespacing can cause issues for other languages with SOAP. I really really recommend you investigate SOAP UI or a free alternative. Possibly an alternative that is free is fiddler, however I believe that is not automated.
需要注意的一点是.net命名空间可能会导致SOAP使用其他语言出现问题。我真的建议您调查SOAP UI或免费替代方案。可能是免费的替代品是提琴手,但我认为这不是自动化的。
Here are some other helpers for your PHP consumer: http://weblogs.asp.net/gunnarpeipman/archive/2007/09/17/using-wcf-services-with-php.aspx http://cgeers.com/2009/08/20/using-wcf-services-with-php-5/
以下是PHP消费者的一些其他帮助:http://weblogs.asp.net/gunnarpeipman/archive/2007/09/17/using-wcf-services-with-php.aspx http://cgeers.com/2009 / 08/20 /使用的WCF服务与 - PHP-5 /
#3
1
After my long workout for Email WCF service with attachment. Now i am able to send an email from PHP using WCF service. Here is code snippet.
经过长时间的电子邮件WCF服务与附件的锻炼后。现在我可以使用WCF服务从PHP发送电子邮件。这是代码片段。
<?php
ini_set('display_errors',1);
require_once ('nusoap.php');
$parameters= new StdClass();
$parameters->emailinfo = new StdClass();
$fileAttachmentPath = 'example.csv';
$data = base64_encode(file_get_contents($fileAttachmentPath));
$parameters->emlinfo->NoFileInfo = true;
$parameters->emlinfo->FileNameWithExt = "example.csv";
$parameters->emlinfo->FileContentBase64 = $data;
//$parameters->emlinfo->FileAttachment = $parameters->ArrayOfFileAttachment;
//$parameters->emlinfo->FileAttachment = (array) $parameters->emlinfo->FileAttachment;
$parameters->emlinfo->MailTo='';
$parameters->emlinfo->MailFrom='';
$parameters->emlinfo->MailMessage='';
$parameters->emlinfo->MailBody='';
$parameters->emlinfo->MailSubject='';
$parameters->emlinfo->MailType='';
$parameters->emlinfo->UserId='';
$parameters->emlinfo->Password='';
$parameters->emlinfo->SmtpId='';
$parameters->emlinfo->Token='';
$parameters->emlinfo->ApplicationId='';
$parameters->emlinfo->VisitorName='';
$parameters->emlinfo->VendorId='';
$parameters->emlinfo->ReplyTo='';
try {
$braspag = new SoapClient('WSDL Sevice',
array(
'trace' => 1,
'exceptions' => 1,
'style' => SOAP_DOCUMENT,
'use' => SOAP_LITERAL,
'soap_version' => SOAP_1_1,
'encoding' => 'UTF-8'
)
);
//$SendEmailResponse = $braspag->__getTypes();
$SendEmailResponse = $braspag->SendEmail($parameters);
}
catch(SoapFault $fault) {
//echo 'Ocorreu um erro: ' , $fault->getMessage();
}
var_dump($parameters->emlinfo);
?>
Regards,
Rahul Soni.
#4
0
I don't know a lot about WCF but it seems that is SOAP based. You can start by looking at php Soap functions. I see that also supports JSON communication, check JSON functions from php.
我不太了解WCF,但它似乎是基于SOAP的。您可以从查看php Soap函数开始。我看到它也支持JSON通信,从php检查JSON函数。
#5
0
(this is a bit long to add as comment to Visual Stewart's answer)
(这有点长,作为对Visual Stewart答案的评论)
clientCredentialType="UserName"....This means the message is encrypted over the line
clientCredentialType =“UserName”....这意味着消息是通过线路加密的
Not really. The message is not encrypted, but it will be sent via SSL. From the published docs:
不是真的。邮件未加密,但会通过SSL发送。从已发布的文档:
Username
用户名
Allows the service to require that the client be authenticated with a user name credential. Note that WCF does not allow any cryptographic operations with user names, such as generating a signature or encrypting data. WCF ensures that the transport is secured when using user name credentials.
允许该服务要求使用用户名凭据对客户端进行身份验证。请注意,WCF不允许对用户名进行任何加密操作,例如生成签名或加密数据。 WCF确保在使用用户名凭据时传输是安全的。
--
-
Note the difference between the message and the transport.
请注意消息和传输之间的区别。
Authentication may be derived from a client certificate used for the transport, or negotiated (NTLM).
身份验证可以从用于传输或协商的客户端证书(NTLM)派生。
#6
0
If the server is configured with clientCredentialType="UserName" PHP consumer must use some WS-Security implementation to send Username and Password SOAP security headers to the server.
如果服务器配置了clientCredentialType =“UserName”,PHP使用者必须使用某些WS-Security实现将Username和Password SOAP安全头发送到服务器。
<soapenv:Envelope>
<soapenv:Header>
<wsse:Security >
<wsse:UsernameToken>
<wsse:Username>bob</ wsse:Username>
<wsse:Password Type="PasswordText">bob1</ wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body> ... </soapenvBody>
</soapenv:Envelope>
Keep in mind that the server can be configure to acept plain or hashed password. So the client must send plain or hashed password.
请记住,可以将服务器配置为接受普通密码或散列密码。因此客户端必须发送普通或散列密码。