What to send in web service security headers?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
nadavvin
Forum Commoner
Posts: 68
Joined: Wed Sep 06, 2006 6:05 am

What to send in web service security headers?

Post by nadavvin »

Hello

I was asked in my work to add web service security header.

I don't know exactly which headers to send, and I search a lot about it and still didn't find something useful about this.

I found this:
http://il2.php.net/manual/en/function.s ... .php#58245

Code: Select all

$header =  new SoapHeader($this->name_space, "Authentication", // Rename this to the tag you need
                                                          $authvalues, false);
Is it what I need?

What the parameters that I need to change? like "Authentication"
Does the name space is the WSDL address?

Nadav
jeffery
Forum Contributor
Posts: 105
Joined: Mon Apr 03, 2006 3:13 am
Location: Melbourne, Australia
Contact:

Post by jeffery »

I would also love to learn how to enable Security with webservices. Googling got me to this resource: http://www.rassoc.com/gregr/weblog/stor ... urity.html
samisa
Forum Newbie
Posts: 6
Joined: Sun Jan 20, 2008 11:08 pm

Re: What to send in web service security headers?

Post by samisa »

Web Services Security is more than just http authentication. If you want to learn more, read this article, on how to do WS-Security with PHP, including user name token, signing and encryption. Full WS-Security implementation is supported by PHP Web services framework.
Post Reply