Using SOAP over HTTPS.

Hi.

So far I've used SOAP services purely for our intranet setup over HTTP.

I'm now making them available to external third-parties.

Can PHP use SOAP over HTTPS without any issues.

Our webservice web server will have a https://soap.domain.com domain.

Using IIS for this.

We are distinguishing between authentication (i.e. a login) and
secured communication.

Our framework will require a login request to gain a security token
which will be required for subsequent requests, but we don't want to
pass that detail over the wire in plain text.

So, using secured comms (https) seems appropriate, but before I start
down this route and find issues with SOAP+PHP+HTTPS I would like to
know if I am barking up the wrong tree, so to speak.

Regards,

Richard Quadling.

--
-----
Richard Quadling
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
"Standing on the shoulders of some very clever giants!"
ZOPA : http://uk.zopa.com/member/RQuadling

--
PHP Soap Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

On Tue, 2009-08-11 at 16:45 +0100, Richard Quadling wrote:
> So, using secured comms (https) seems appropriate, but before I start
> down this route and find issues with SOAP+PHP+HTTPS I would like to
> know if I am barking up the wrong tree, so to speak.

Do you know if you're going to use?

- Protocol level authentication using X.509/SSL/PKI/OCSP/SCEP?
- HTTP Digest Authentication
- Internal-application authentication (Have your code do
  some username/password challenge response.)


  ~BAS



--
PHP Soap Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php