Nusoap在客户端和服务器端都设置并获取标头 [英] Nusoap set and get headers in both client and server side

问题描述

我正在使用Nusoap开发一个简单的Web服务，并且在添加身份验证时遇到问题.

I am developing a simple web service using Nusoap and having problem when adding authentication.

当前，我正在使用setCredentials()方法将用户名和密码附加到请求中，并在服务器端使用$ _SERVER ['PHP_AUTH_USER']获取它们.

Currently I am using setCredentials() method to attach username and password to request and getting them using $_SERVER['PHP_AUTH_USER'] in server side.

它工作正常，但我不想为每个呼叫都对用户进行身份验证.因此，我需要维护一个会话，根据我的研究，在进行首次身份验证之后，服务器需要发送附加到响应头的会话ID"之类的内容，客户端应在后续调用中使用此会话ID".

It works fine, but I don't want to authenticate the user for every call. So I need to maintain a session and according to my research, after the first authentication, the server needs to send something like 'session id' attached to the response header and the client should use this 'session id' in subsequent calls.

但是我不知道如何在请求和响应中设置和获取标头. 有人可以帮忙吗?

But I don't know how to set and get headers in both request and response. Could anyone help?

我真的是肥皂和会话的新手，所以如果我的想法有什么问题，请指出. 非常感谢.

I'm really new to soap and session, so if there is anything wrong with my thoughts, please point it out. Thank you so much.

推荐答案

最后，我自己弄清楚了.我使用了一个非常简单的实现，它肯定是不安全的，但是它可能对像我这样的一些初学者有所帮助.

Finally, I figured out it myself. I used a very simple implementation and it is definitely insecure, but it may help some beginners like me.

首先，通过观察Nusoap代码，我发现在客户端和服务器中都非常容易设置和获取soap标头.

First, by observing the Nusoap code I find it is very easy to set and get soap headers both in client and server.

客户端:

$client->getHeader();                 //return array containing header elements
$client->setHeaders('headerstring');

服务器:

$server->responseHeaders = 'headerstring';    //set response headers
$server->requestHeaders                       //get request headers 

第二，在使用用户名/密码进行首次身份验证之后，我将用户名保存在会话中，并将会话ID发送给客户端.然后，客户端在下一次呼叫时发送此会话ID，而不是用户名/密码.

Second, after first authentication using username/password, I saved the username in the session and sent session id to the client. Then the client sends this session id at next call instead of username/password.

服务器:

function someService (){
    global $server; 
    $valid = false; 
    $requestHeaders = $server->requestHeader;

    /*get session id from request header and open existing sid*/
    if(isset($requestHeaders['SessionToken'])){
            $sid = $requestHeaders['SessionToken'];
            session_id($sid);
    }

    session_start();

    /*if the user is not verified before, need to verify it*/
    if(!isset($_SESSION['user'])){
            $valid = verifyUser();
            if($valid){
                    $_SESSION['user'] = $_SERVER['PHP_AUTH_USER'];
            }
    }

    if($valid || isset($_SESSION['user'])){                                 //user verified or previously veirified.        
            $server->responseHeaders = '<SessionToken>'. session_id() .'</SessionToken>';
            /***
              some code goes here
            ***/
    }
    else{
            return new soap_fault(401,'', 'User is not verified!');
    }
}

客户端:

require_once "nusoap.php";
$client = new nusoap_client("auth.wsdl", true);

$authHeaders = $client->getHeader();
if(isset($authHeaders['SessionToken'])){
    $header = '<SessionToken>'. $authHeaders['SessionToken'] .'</SessionToken>';
    $client->setHeaders($header);
}
else{   
    $client->setCredentials('username','password','basic');
}

$result = $client->call("someService", array());

同样，上面是一个非常简单的示例，我也是一个初学者.因此，如果您有好的建议，请告诉我

Again, above is very simple example and I am also a beginner. So if you have good suggestions, please let me know

这篇关于Nusoap在客户端和服务器端都设置并获取标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！