Earlier I wrote a blog about how to make your wordpress blog a web service using the WSF/PHP Data Services library. I will expand that post to demonstrate the use of WS-Security features with WSF/PHP.
This time it is a Tag Search service for my wordpress blog. Check the ‘Tag Search’ Data Services Demo from http://ws.dimuthu.org/. The only difference is here you are authenticated before accessing the service using the username tokens as specified in WS-Security.
Just look at the WSSecurity constructor in the Data Service Demo Code. You can observe 4 new parameters passed in to it. (In addition to the “config” and “operations” options)
- policy – This is where you specify the policy governed by the service. Here you can either use the WS-Policy compliant policy file or just a simple PHP array that contain the required security token informations.
$sec_array = array("useUsernameToken" => TRUE); $policy = new WSPolicy(array("security"=>$sec_array));
- securityToken: You specify the user parameters like how you handle the authentication and the encoding type in this option.
$security_token = new WSSecurityToken(array("passwordCallback" => "password_callback_function", "passwordType" => "Digest")); /* callback function * @param string $username username of the client request * @return string $password password for that username */ function password_callback_function($username) { // In the real word I should authenticate users from database. // for this demo I have a simple if-else block if($username == "visitor") { return "visitor123"; } return "notavistor"; }
Note that here you specify a callback function to the security token parameter. Inside this function you retrieve the password for the user (mostly from the database) and return. WSF/PHP will authenticate the user from these information.
- useWSA : You need to set this option in order to generate the WS-Addressing parameters (like action) for your WSDL. WS-Addressing is required to run web services with WS-Security in WSF/PHP.
- actions: You should provide a map of action to service operations in order to get the WS Addressing information generated with your WSDL.
$actions = array("http://ws.dimuthu.org/blog/getPosts" => "getPosts");
Just have a look at how these information are rendered in the generated WSDL, http://ws.dimuthu.org/blog/WordpressTagSearchService.php?wsdl. (Note the wsaw:action attribute in the messages inside the portType element.
After you deploy the service, it is very easy to generate a client with the WSDL. If you write clients in PHP you can use the wsdl2php tool shipping with WSF/PHP. The code for my demo client can be found in http://ws.dimuthu.org/source.php?src=tag.search.client. (There I have hard coded the username and password just for the demo purpose)