扩展 php SoapClient 以进行 siteminder 身份验证
简短版本
我想扩展 SoapClient,以便它在访问 WSDL 时在内部执行此操作:
curl -L -E /location/of/cert.pem -c /tmp/location/of/cookie.jar https://web-service-provider/servicename?wsdl
长版本
我有一个与此类似的 SOAP 请求:
$serviceUrl = 'https://service-url';
$wsdl = $serviceUrl . '?wsdl';
$proxyServiceUrl = 'http://localhost/myproxy.php?url=$serviceUrl';
$proxyWsdl = 'http://localhost/myproxy.php?url=$wsdl';
$options = array(
'cache_wsdl' => WSDL_CACHE_NONE,
'encoding' => 'utf-8',
'soap_version' => SOAP_1_1,
'exceptions' => true,
'trace' => true,
'location' => $proxyServiceUrl
);
$client = new SoapClient($proxyWsdl, $options);
$params = array( /* */ );
$client->someOperation($params);
如您所见,除了代理之外,一切都非常标准少量。
代理的原因
我编写代理是为了满足 Web 服务提供商的要求,即所有端点(包括 WSDL)都通过称为 siteminder 的身份验证系统进行处理。
代理的功能非常简单,如果用linux命令行curl编写,它会是这样的:
curl -L -E /location/of/cert.pem -c /tmp/location/of/cookie.jar https://web-service-provider/servicename?wsdl
准确地说:
* Follow all redirections
* specify location of .pem file (and password)
* specify location of cookie jar
这一切都很好:)
但是最近服务提供商决定改变它WSDL。
它现在导入模式文件 (.xsd),这并不是那么糟糕,只是它是相对于 WSDL 而言的。
与 WSDL 文件相关意味着 SoapClient 解析器现在从代理的位置查找架构文件。错误,找不到!
有关该问题的更多详细信息,请参见:
php SoapClient 失败当传递带有相对路径模式的 wsdl 时
所以我的问题是:
我如何重写 SoapClient (当然是通过扩展它),仍然要通过 siteminder 身份验证,但不必通过额外的代理?
我最初的想法是,我必须以某种方式重写 URI 访问器函数(如果存在),但在这方面没有太多文档,我不知道从哪里开始。
或者,我可能必须以某种方式破解 SoapServer 。
如果我能得到任何帮助,包括指向 SoapClient 内部的任何文档的指针,我将不胜感激。
Short Version
I want to extend SoapClient so it does this internally when accessing the WSDL:
curl -L -E /location/of/cert.pem -c /tmp/location/of/cookie.jar https://web-service-provider/servicename?wsdl
Long Version
I've got a SOAP request similar to this:
$serviceUrl = 'https://service-url';
$wsdl = $serviceUrl . '?wsdl';
$proxyServiceUrl = 'http://localhost/myproxy.php?url=$serviceUrl';
$proxyWsdl = 'http://localhost/myproxy.php?url=$wsdl';
$options = array(
'cache_wsdl' => WSDL_CACHE_NONE,
'encoding' => 'utf-8',
'soap_version' => SOAP_1_1,
'exceptions' => true,
'trace' => true,
'location' => $proxyServiceUrl
);
$client = new SoapClient($proxyWsdl, $options);
$params = array( /* */ );
$client->someOperation($params);
As you can see, everything is pretty standard except for the proxy bit.
Reason for the proxy
I wrote the proxy to fulfill a requirement by the web service provider that all end-points including the WSDL be processed through an authentication system called siteminder.
The function of the proxy is quite straight forward, if written in linux command line curl it would be something like this:
curl -L -E /location/of/cert.pem -c /tmp/location/of/cookie.jar https://web-service-provider/servicename?wsdl
To be precise:
* Follow all redirections
* specify location of .pem file (and password)
* specify location of cookie jar
This all works fine :)
BUT recently the service provider decided to changes it's WSDL.
It now imports schema files (.xsd), which is not all that bad, except it is relative to the WSDL.
Being relative to the WSDL file means that the SoapClient parser now looks for the schema files from the proxy's location. ERROR, can't find!
More details about that problem here:
php SoapClient fails when passed a wsdl with relative path schemas
So My Question Is:
How can I rewrite SoapClient (By Extending it of course), to still go through the siteminder authentication but without having to go through that extra proxy?
My initial thoughts are that somehow I have to rewrite the URI accessor function (if one exists) but without much documenation in this area I'm not sure where to start.
Alternatively, I might have to hack SoapServer somehow.
I would appreciate any help I can get, including pointers to any documentation into the internals of SoapClient.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果只是提供 .pem 文件的问题,您是否研究过 SoapClient 构造函数的
local_cert选项?然后,该客户端对象应保留为会话设置的所有 cookie。如果您也需要跨会话保留 cookie,则始终可以从响应中读取它们(使用 __getLastResponseHeaders ),然后使用 __setCookie 下次再次设置它们。或者您可以让代理将相对路径替换为绝对路径。毕竟,wsdl 本身就是一个 XML 文档。
或者,您可以将代理转变为实际代理并使用 proxy_host、proxy_port、proxy_login 和 proxy_password 选项。
If it's just a matter of supplying the .pem file, have you looked into the
local_certoption for the SoapClient constructor? That client object should then retain any cookies set for the session. If you need to persist the cookies across sessions too, you could always read them out of the response (use__getLastResponseHeaders) and then use__setCookieto set them again next time.Or you could just have your proxy replace the relative paths with absolute paths. The wsdl is itself an XML document, after all.
Or you could turn your proxy into an actual proxy and use the proxy_host, proxy_port, proxy_login and proxy_password options.
这个抓头、拉头发问题的答案可以在这里找到:
http://rabaix.net/en/articles/2008/03/13/using-soap-php-with-ntlm-authentication。
感谢 PHP Soap 邮件列表上的 Jeffery Fernandez 指出了这一点。
The answer to this head scratching, hair pulling problem can be found here:
http://rabaix.net/en/articles/2008/03/13/using-soap-php-with-ntlm-authentication.
Thanks to Jeffery Fernandez on the php soap mailing list who pointed this out.