WS-Policy support in WSF/PHP

Web Services Policy is the standard way of publishing non functional requirements of a Web Service. For an example the only way of telling that a service needs all the incoming messages to it be signed is through Web Service Policy. WSO2 WSF/PHP is the only Web Services framework for PHP which suppoorts WS-Policy in an easy to use way.

You don't need to understand complex policy grammar. It is just PHP scripting. Follwing is an easy approach.

/*The Payload to be sent*/
$reqPayloadString = Hello World!

try {
/*The certificates need for security*/

/*Reciever's Public Key*/
$rec_cert = ws_get_cert_from_file("../keys/bob_cert.cert");

/*Sender's Private Key*/
$pvt_key = ws_get_key_from_file("../keys/alice_key.pem");

/*construction of Message using the endpoint Address*/
$reqMessage = new WSMessage($reqPayloadString,
array("to" => "http://localhost/samples/security/encryption/service.php",
"action" => "http://php.axis2.org/samples/echoString"));

/*The configurations need for security. Actually these are assertions found in Security Policy*/
$sec_array = array("encrypt" => TRUE,
"algorithmSuite" => "Basic256Rsa15",
"securityTokenReference" => "IssuerSerial");

/*construction of actual Policy object.*/
$policy = new WSPolicy(array("security" => $sec_array));
$sec_token = new WSSecurityToken(array("privateKey" => $pvt_key,
"receiverCertificate" => $rec_cert));

/*construction of WSClient to Send the message*/
$client = new WSClient(array("useWSA" => TRUE,
"policy" => $policy,
"securityToken" => $sec_token));

/*sending the message*/
$resMessage = $client->request($reqMessage);

printf("Response = %s \n", $resMessage->str);

If you have policy file instead of options , you just need to construct the policy object as follows.

$policy_xml = file_get_contents("policy.xml");
$policy = new WSPolicy($policy_xml);

So WS-Policy are now not complex things for PHP users willing to do Web Services.