nuSOAP：服务器端的头部身份验证

更新时间：2022-03-16 10:05:07

来源：网络转载

Can any one please advice how to parse nuSOAP headers and checking the username/password/Signature from the below SOAP Request

<SOAP-ENV:Header> <SOAP-ENV:Header xmlns:wsa="http://admin.example.com"> <Username>testuser</Username> <Password>test123456</Password> <Signature>5595610031002</Signature> </SOAP-ENV:Header> </SOAP-ENV:Header>

i.e: i need to parse this header on server side and validate the credentials for every request.

任何人都可以建议如何解析nuSOAP标题并检查用户名/密码/签名 code >来自以下SOAP请求 p>
＆lt; SOAP-ENV：Header＆gt; ＆lt; SOAP-ENV：Header xmlns：wsa =“http：//admin.example。 com“＆gt; ＆lt;用户名＆gt; testuser＆lt; /用户名＆gt; ＆lt;密码＆gt; test123456＆lt; /密码＆gt; ＆lt;签名＆gt; 5595610031002＆lt; /签名＆gt; ＆lt; / SOAP-ENV：标题＆gt; ＆lt; / SOAP-ENV：Header＆gt; code> pre> ie：我需要在服务器端解析此标头并验证每个请求的凭据。 p> div>

1 条回答

网友1解答：

Am not sure but i found an alternative to track the credentials by using the following code. let me explain.

The code $sSoapRequest = file_get_contents('php://input'); which returns the entire SOAP request to the server side...

The following 2 functions helps me to bring out the values..

function doAuthenticate()
{
    $sSoapRequest = file_get_contents('php://input');
    if(isset($sSoapRequest))
    {
        $sUsername = hookTextBetweenTags($sSoapRequest, 'Username');
        $sPassword = hookTextBetweenTags($sSoapRequest, 'Password');
        $sSignature = hookTextBetweenTags($sSoapRequest, 'Signature');
        if($sUsername=='testuser' && $sPassword=='test123456' && $sSignature=='5595610031002')
            return true;
        else
            return false;
    }
}
function hookTextBetweenTags($string, $tagname) {
    $pattern = "/<$tagname ?.*>(.*)<\/$tagname>/";
    preg_match($pattern, $string, $matches);
    return $matches[1];
}

and, use doAuthenticate() method for every process in server side.

php