1

在这里,我正在处理来自 paga 支付网关的请求和响应(https://mypaga.atlassian.net/wiki/spaces/PMNA/pages/42865033/Services )。我正在努力为网络服务增加安全性。我的商家网站是Joomla 网站。这里是wsdl,

    <wsdl:definitions targetNamespace="http://pagatech.com/merchant/messages" 
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
1.0.xsd" xmlns:sch="http://pagatech.com/merchant/messages" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://pagatech.com/merchant/messages">
   <wsdl:types>
      <schema attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://pagatech.com/merchant/messages" xmlns="http://www.w3.org/2001/XMLSchema">
         <element name="getIntegrationServicesRequest">
            <complexType>
               <sequence>
                  <element name="isTest" type="boolean"/>
               </sequence>
            </complexType>
         </element>
      </schema>
   </wsdl:types>
   <wsdl:message name="getIntegrationServicesRequest">
      <wsdl:part element="tns:getIntegrationServicesRequest" name="getIntegrationServicesRequest"></wsdl:part>
   </wsdl:message>
    <wsdl:message name="getIntegrationServicesResponse">
      <wsdl:part element="tns:getIntegrationServicesResponse" name="getIntegrationServicesResponse"></wsdl:part>
   </wsdl:message>

   <wsdl:portType name="MerchantService">
      <wsdl:operation name="getIntegrationServices">
         <wsdl:input message="tns:getIntegrationServicesRequest" name="getIntegrationServicesRequest"></wsdl:input>
         <wsdl:output message="tns:getIntegrationServicesResponse" name="getIntegrationServicesResponse"></wsdl:output>
      </wsdl:operation>

   </wsdl:portType>
   <wsdl:binding name="MerchantServiceSoap12" type="tns:MerchantService">
      <soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
     <wsdl:operation name="getIntegrationServices">
             <soap12:operation soapAction=""/>
             <wsdl:input name="getIntegrationServicesRequest">
                <soap12:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="getIntegrationServicesResponse">
                <soap12:body use="literal"/>
             </wsdl:output>
          </wsdl:operation>
   </wsdl:binding>
   <wsdl:service name="MerchantService">
      <wsdl:port binding="tns:MerchantServiceSoap12" name="MerchantServiceSoap12">
         <soap12:address location="http://localhost:8080/paga-test/merchantService/"/>
      </wsdl:port>
   </wsdl:service>
</wsdl:definitions>

这是我需要实现的

用户名/密码摘要令牌 与 Paga 商家服务 Web 服务集成的所有商家 Web 服务必须实施标准 Web 服务安全 Web 服务安全:SOAP 消息安全 1.0 标准 200401,2004 年 3 月,它提供了 SOAP Web 服务标头的规范用户名/令牌身份验证凭据。在本规范中,该服务将使用密码摘要式身份验证 MS-WSP 密码将与用户名一起提供以对商家进行身份验证。商户的用户名和 MS-WSP 密码凭证将在商户服务注册过程中提供给商户。

请求如下

<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">      
    <soapenv:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
            <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-188">
                <wsse:Username>XXXX</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">YYYY</wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>
        <mes:getIntegrationServicesRequest>
            <mes:isTest>false</mes:isTest>
        </mes:getIntegrationServicesRequest> 
    </soapenv:Body>
</soapenv:Envelope>

如果我在 SOAP UI 中运行它说找不到过程。请告诉我如何在 wsdl 中实现安全性?

4

0 回答 0