I am trying to do a SOAP web service with security but I can not establish a good security here I have the example of what I do:
public function Seguridad($variablesSeguridad){
$usuario='pagosyre';
$password='ladrones';
$token_servidor = "pyr";
$token = $variablesSeguridad->UsernameToken->Id;
$tokenUsuario = $variablesSeguridad->UsernameToken->Username->Id;
$user = $variablesSeguridad->UsernameToken->Username->_;
$token_clave = $variablesSeguridad->Password->Id;
$pass_type = $variablesSeguridad->Password->Type;
$pass = $variablesSeguridad->Password->_;
if($token == $token_servidor && $tokenUsuario == $token_servidor . "@usuario" && $user == $usuario && $token_clave == $token_servidor . "@password" && $pass == $password && $pass_type!='')
{
$this->verificacion = true;
}else{
$this->verificacion = false;
}
}
//Ejemplo
public function MiMetodo($variable){
$fecha = date ("F j. Y. g:i:s a");
$datos = $variable->mensaje. " " . $fecha;
$Mi_arreglo=array(
"validacion_usuario"=>($this->verificacion==false)?"Error Login":"Exito Login",
"out"=>$datos,
);
return $Mi_arreglo;
}
When I'm going to consume the service in SoapUI even if you put the user or password in error, it gives you the result and that should not be the case ...
I want to implement the user and pass and exit the database and receive a token.
If you could help me, it would be great, I'm very new to this!