Adding a WSS UsernameToken with the Native PHP SoapClient April, 2009
Adding a WSS UsernameToken with the native PHP SoapClient is pretty straight forward (Mind you, this is just the plain text credentials so you should use transport security). Here is the usage:
$wsdl = "https://services.yada.net/Yada.svc?wsdl"; // Or 'soap_version' => SOAP_1_1 if your using SOAP 1.1 $options = array( 'location' => 'https://services.yada.net/Yada.svc', 'soap_version' => SOAP_1_2); $client = new SoapClient($wsdl, $options); // Add the WSS username token headers AddWSSUsernameToken($client, 'tony', 'clifton'); try { $client->GetVersion(); echo str_replace('>', '>
', str_replace('<', '<', str_replace('&', '&', $client->__getLastResponse()))); } catch(Exception $e) { echo $e; }
Here is the implementation:
function AddWSSUsernameToken($client, $username, $password) { $wssNamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; $username = new SoapVar($username, XSD_STRING, null, null, 'Username', $wssNamespace); $password = new SoapVar($password, XSD_STRING, null, null, 'Password', $wssNamespace); $usernameToken = new SoapVar(array($username, $password), SOAP_ENC_OBJECT, null, null, 'UsernameToken', $wssNamespace); $usernameToken = new SoapVar(array($usernameToken), SOAP_ENC_OBJECT, null, null, null, $wssNamespace); $wssUsernameTokenHeader = new SoapHeader($wssNamespace, 'Security', $usernameToken); $client->__setSoapHeaders($wssUsernameTokenHeader); }