Nusoap set and get headers in both client and server side

|▌冷眼眸甩不掉的悲伤 提交于 2019-12-12 04:17:26

问题


I am developing a simple web service using Nusoap and having problem when adding authentication.

Currently I am using setCredentials() method to attach username and password to request and getting them using $_SERVER['PHP_AUTH_USER'] in server side.

It works fine, but I don't want to authenticate the user for every call. So I need to maintain a session and according to my research, after the first authentication, the server needs to send something like 'session id' attached to the response header and the client should use this 'session id' in subsequent calls.

But I don't know how to set and get headers in both request and response. Could anyone help?

I'm really new to soap and session, so if there is anything wrong with my thoughts, please point it out. Thank you so much.


回答1:


Finally, I figured out it myself. I used a very simple implementation and it is definitely insecure, but it may help some beginners like me.

First, by observing the Nusoap code I find it is very easy to set and get soap headers both in client and server.

client:

$client->getHeader();                 //return array containing header elements
$client->setHeaders('headerstring');

server:

$server->responseHeaders = 'headerstring';    //set response headers
$server->requestHeaders                       //get request headers 

Second, after first authentication using username/password, I saved the username in the session and sent session id to the client. Then the client sends this session id at next call instead of username/password.

server:

function someService (){
    global $server; 
    $valid = false; 
    $requestHeaders = $server->requestHeader;

    /*get session id from request header and open existing sid*/
    if(isset($requestHeaders['SessionToken'])){
            $sid = $requestHeaders['SessionToken'];
            session_id($sid);
    }

    session_start();

    /*if the user is not verified before, need to verify it*/
    if(!isset($_SESSION['user'])){
            $valid = verifyUser();
            if($valid){
                    $_SESSION['user'] = $_SERVER['PHP_AUTH_USER'];
            }
    }

    if($valid || isset($_SESSION['user'])){                                 //user verified or previously veirified.        
            $server->responseHeaders = '<SessionToken>'. session_id() .'</SessionToken>';
            /***
              some code goes here
            ***/
    }
    else{
            return new soap_fault(401,'', 'User is not verified!');
    }
}

client:

require_once "nusoap.php";
$client = new nusoap_client("auth.wsdl", true);

$authHeaders = $client->getHeader();
if(isset($authHeaders['SessionToken'])){
    $header = '<SessionToken>'. $authHeaders['SessionToken'] .'</SessionToken>';
    $client->setHeaders($header);
}
else{   
    $client->setCredentials('username','password','basic');
}

$result = $client->call("someService", array());

Again, above is very simple example and I am also a beginner. So if you have good suggestions, please let me know



来源:https://stackoverflow.com/questions/34660955/nusoap-set-and-get-headers-in-both-client-and-server-side

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!