PHP webservice 身份認證 用戶端與服務端實現

note:本文轉自何俊斌先生 的部落格。但竊自以為有點小錯誤：function authenticate自己略作修改。找了一整天，原來服務端沒什麼特別要做的，就是像普通的webservice一樣提供方法就可以。

下面是用戶端的實現：
<?php
class authentication_header {<br /> private $username;<br /> private $password;<br /> public function __construct($username, $password) {<br /> $this->username = $username;<br /> $this->password = $password;<br /> }<br />}</p><p>// generate new object<br />$auth = new authentication_header('123', '123');<br />// create authentication header values<br />$authvalues = new SoapVar($auth, SOAP_ENC_OBJECT, 'authenticate');<br />// generate header<br />$header = new SoapHeader('http://78diy.org/', 'authenticate', $authvalues);</p><p>$client = new SoapClient('http://127.0.0.1:8000/webservice/test/serve.php?wsdl');<br />$client->__setSoapHeaders(array($header));<br />echo $client->__soapCall('felineResponse', array());</p><p>?>
如下是伺服器端的實現：
<?php<br />class mysoapclass {<br /> /*<br /> * Authentication function<br /> * This is called by the Soap header of the same name. The function name is a Ws-security standard auth tag<br /> * and corresponds to the header tag.<br /> *<br /> * @param string username<br /> * @param string password<br /> */</p><p> public function authenticate($value){<br /> // Store username for logging<br /> $this->username = $value->username;<br /> $this->password = $value->password;<br /> if($this->username == '123'&& $this->password=='123' ) {<br /> $this->Authenticated = true;<br /> } else {<br /> $this->Authenticated = false;<br /> }</p><p> }</p><p> /*<br /> * Test method<br /> */<br /> public function felineResponse(){</p><p> // Place this at the start of every exposed method<br /> // This is because the SoapServer will attempt to call<br /> // if no authentication headers are passed.<br /> if($this->Authenticated){<br /> return 'zheng que';<br /> } else {<br /> return 'cuo wu';<br /> }</p><p> }</p><p>}</p><p>// Instantiate server with relevant wsdl & class.<br />$server = new SoapServer( 'mysoapwsdl.wsdl' );<br />$server->setClass('mysoapclass');<br />$server->handle();</p><p>?>

有人 可能想直接傳遞包含使用者名稱和密碼的數組進行驗證 其實，也是可以的

把用戶端

$authvalues =array('username'=>'admin','pwd'=>'123456');

改成這樣，則傳遞的則是對象數組

object(stdClass)#4 (1) {<br /> ["item"]=><br /> array(2) {<br /> [0]=><br /> object(stdClass)#5 (2) {<br /> ["key"]=><br /> string(8) "username"<br /> ["value"]=><br /> string(5) "admin"<br /> }<br /> [1]=><br /> object(stdClass)#6 (2) {<br /> ["key"]=><br /> string(3) "pwd"<br /> ["value"]=><br /> string(6) "123456"<br /> }<br /> }<br />}

 

 大家看到了吧

若想在服務端驗證 則需稍作修改

 

$this->username = $value->item[0]->value;;<br />$this->password = $value->item[1]->value;

後續 ：上面那種方式傳數組有點麻煩實際上改成這樣更方便

$auth = array('username'=>'admin', 'password'=>'123456');

 

這樣服務端無需修改代碼，他同樣會被當作一個對象來處理

至於原因，我也不甚清楚，希望高人指點。

由於本人php還是比較弱，如有錯誤之處歡迎指正