[wsf-php-user] combine wsdl code generation with username token security
Nandika Jayawardana
nandika at wso2.com
Tue Mar 8 20:41:21 PST 2011
When using the WSDL Mode, you have to have the security policy defined
in the WSDL itself. Hence the policy object is not required for the
client options array. Also since your endpoint is an https endpoint,
you need to specify the CACert option in the client options.
Regards
Nandika
On Wed, Mar 9, 2011 at 9:26 AM, Jorge Infante Osorio <jorgeio at uci.cu> wrote:
> Hi folks.
>
> I´m try to implement a client for a secure proxy service in ESB, with
> username token.
>
> I generated the code client using the wsdl2php script and them I modified
> this code with the security requirement for username token, like this:
> NOTE: this is not all the script.
>
> try {
>
> $my_cert = ws_get_cert_from_file("/var/www/clienteubuntu.cert");
> $my_key = ws_get_key_from_file("/var/www/clienteubuntu.pem");
>
> // Set up security options
> $security_options = array("useUsernameToken" => TRUE );
> $policy = new WSPolicy(array("security" => $security_options));
> $security_token = new WSSecurityToken(array("user" => "admin",
> "password" => "admin",
> "passwordType" => "Digest",
> "privateKey" => $my_key,
> "certificate" =>
> $my_cert));
>
> // create client in WSDL mode
> $client = new WSClient(array ("wsdl"
> =>"http://192.168.231.1:8280/services/HelloServiceProxySecure?wsdl",
> "to"
> =>"https://192.168.231.1:8243/services/HelloServiceProxySecure",
> "classmap" => $class_map,
> "useWSA" => TRUE,
> "policy" => $policy,
> "securityToken" => $security_token
> )
> );
> // get proxy object reference form client
> $proxy = $client->getProxy();
>
>
> When I call this script I see this errors:
>
> [Tue Mar 8 17:22:43 2011] [info] Cannot find path
> /usr/lib/php5/20090626+lfs/wsf_c/services.
> [Tue Mar 8 17:22:43 2011] [info] [rampart] rampart_mod initialized
> [Tue Mar 8 17:22:43 2011] [info] [rahas]Rahas module initialized
> [Tue Mar 08 17:22:43 2011] [notice] Apache/2.2.14 (Ubuntu)
> PHP/5.3.2-1ubuntu4.7 with Suhosin-Patch configured -- resuming normal
> operations
> [Tue Mar 8 17:22:58 2011] [info] Cannot find path
> /usr/lib/php5/20090626+lfs/wsf_c/services.
> [Tue Mar 8 17:22:58 2011] [info] [rampart] rampart_mod initialized
> [Tue Mar 8 17:22:58 2011] [info] [rahas]Rahas module initialized
> [Tue Mar 8 17:22:58 2011] [info] Starting addressing out handler
> [Tue Mar 8 17:22:58 2011] [warning] msg_ctx.c(1384)
> RampartClientConfiguration not set in message context
> [Tue Mar 8 17:22:58 2011] [error] key_mgr.c(295)
> [rampart][rampart_signature] Public key certificate file is not specified.
> [Tue Mar 8 17:22:58 2011] [error] rampart_signature.c(856)
> [rampart][rampart_signature] Cannot get certificate
> [Tue Mar 8 17:22:58 2011] [error] rampart_sec_header_builder.c(131)
> [rampart][shb] Signing failed. ERROR
> [Tue Mar 8 17:22:58 2011] [error] rampart_sec_header_builder.c(601)
> [rampart][shb] Asymmetric Binding failed
> [Tue Mar 8 17:22:58 2011] [error] rampart_out_handler.c(130)
> [rampart]Security header building failed.
> [Tue Mar 8 17:22:58 2011] [error] phase.c(224) Handler RampartOutHandler
> invoke failed within phase Security
> [Tue Mar 8 17:22:58 2011] [error] engine.c(657) Invoking phase Security
> failed
> [Tue Mar 8 17:22:58 2011] [error]
> /opt/wso2-wsf-php-src-2.1.0/src/wsf_wsdl.c(1226) [wsf_wsdl] Response
> envelope not found
> [Tue Mar 8 17:22:58 2011] [info] [rampart] rampart_mod shutdown
> [Tue Mar 8 17:22:58 2011] [info] [rahas] Rahas module shutdown
> [Tue Mar 08 17:22:59 2011] [notice] child pid 1214 exit signal Segmentation
> fault (11)
>
>
> Do you have an example that combine wsdl code generation with username token
> security?
>
> By the way the public and private key I have to extracted it from a jks
> using portecle-1.7, exist another way? The public certificate is in CER
> format and the private key it´s in PEM format.
>
> Thanks,
> Jorge.
>
>
>
>
--
Nandika Jayawardana
Technical Lead and Project Manager,
WSO2 Inc ; http://wso2.com
lean.enterprise.middleware
More information about the Wsf-php-user
mailing list