Solved

What is causing my SOAP request to display an  'acceptable signature' error?

Posted on 2014-11-11
13
131 Views
Last Modified: 2016-02-16
What would usually cause the following error within PHP/SOAP Requests?


Error: SoapFault exception: [soap:Client] System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> The request is not signed with an acceptable signature. at WebService.WebService.ProcessMessage(Payload& payload) in /var/www/osp/demo1.php:51 Stack trace: #0 /var/www/osp/demo1.php(51): SoapClient->__soapCall('ProcessMessage', Array) #1 {main}
0
Comment
Question by:LAQUE
  • 6
  • 4
13 Comments
 
LVL 34

Accepted Solution

by:
gr8gonzo earned 500 total points
ID: 40436245
Basically, a lot of SOAP requests are digitally signed with a private key. The process is pretty complicated to explain if you're not familiar with PKI and transforms, but think of a digital signature like one of those wax seals that used to be put onto envelopes.

The recipient of an envelope with a wax seal could see two things:
1. If it was broken (which would mean that someone had to break the seal to open the envelope, so the contents might have been altered and you couldn't be certain that the message was real.

2. The wax seal usually had some special design so nobody could easily reproduce that design, but it could be recognized by just about anyone else simply by looking at it. So the recipient could use the wax seal to tell if the envelope was really from someone or if it was from an impostor.

Similarly, a private key can take some data (usually XML) and create a digital signature (looks like a bunch of gibberish) that represents that data. The digital signature is then added to the original message.

Then, on the receiving side, someone takes the public key / certificate that matches the private key and can use it to verify the signature (like someone looking at the wax seal). If the signature can be verified using that public key / certificate, then the recipient can know for sure that the message comes from that sender and has not been altered in any way.

So ultimately, it's all about confirming the sender's identity and preventing someone else from tampering with the data.

Getting back to the technical side of things, the message is saying that either:
1. The server is expecting a digital signature and cannot find one in the message.
OR
2. The server found a digital signature but it's invalid.

Either way, the problem is on the sender's end of things. It sounds like the sender needs to add a digital signature to the SOAP message with a private key and make sure the server/recipient has a copy of the public key.
0
 

Author Comment

by:LAQUE
ID: 40436268
I understand the part of digital signing something for encrypting. The issue i'm running into to is that I'm able to send a basic SOAP request using SOAP Ui and see the output, but when I attempt to use PHP'S soap client I get that error.  How is SOAP Ui able to function and send the request but the php soap client error out?
0
 
LVL 34

Expert Comment

by:gr8gonzo
ID: 40436337
I would suggest using Fiddler or some other proxy to capture both requests and compare them.
0
The New “Normal” in Modern Enterprise Operations

DevOps for the modern enterprise offers many benefits — increased agility, productivity, and more, but digital transformation isn’t easy, especially if you’re not addressing the right issues. Register for the webinar to dive into the “new normal” for enterprise modern ops.

 
LVL 109

Expert Comment

by:Ray Paseur
ID: 40436501
No points for this, but here is my assessment.  SOAP is an antiquated protocol that never really made any sense.  Unless you're the Government with the force of legal authority behind you, able to compel your clients to use SOAP, you're not likely to get anybody to use SOAP any more.  Most of the major web service providers abandoned it years ago.  The internet is littered with the rotting husks of failed SOAP projects, and as a result, PHP SOAP support is pretty lame and is never going to get any better.  Example: identical property names in different namespaces collide.  This bug is 5 years old and has never been fixed.  I consider PHP SOAP support to be dead.  And that makes sense in a holistic sort of way -- nobody who understands modern software development is going to start work on a new SOAP API today.

In contrast, consider RESTful interfaces.  All the major service providers use REST.  It offers all of the benefits of an API without the stupefyingly bad design of SOAP.  I've never met anyone who could not immediately understand and use a RESTful API.  REST is the design that powers the WWW, so it's pretty sure to be around for a while and fairly well debugged.  If you have any choice in the matter, abandon SOAP and choose REST.
0
 
LVL 34

Expert Comment

by:gr8gonzo
ID: 40436523
For what it's worth, SOAP is still the primary protocol for some applications/standards like SAML. It'll be a while before it's completely dead, especially with .NET / WCF making SOAP apps pretty easy to build and consume.
0
 

Author Comment

by:LAQUE
ID: 40437683
What would be some of my options for connecting to the vendor's server if it's only accepting SOAP requests? I've read in some of the reponses that SOAP almost appears to be a dead end(even thouhg the server i'm trying to extract data from only accepts SOAP requests), but it also appears that using .NET  would be a much easier route to go. Also the machine I would like to run these requests from is Ubuntu/Linux, but I think that would be an issue if I were to go through the .NET route correct?
0
 
LVL 34

Expert Comment

by:gr8gonzo
ID: 40438172
If the server only accepts SOAP requests, then you're stuck with SOAP.

.NET just offers WCF, which is a framework that makes it a little easier to deal with SOAP endpoints. You point it at a WSDL via "add a service reference" and it'll build out objects for you. However, if you're on Linux, then you probably won't be able to efficiently use that route (you'd have to go through Mono, which is a different sort of deal).

If you're on Linux, I'd just suggest using nuSOAP or something.
0
 

Author Comment

by:LAQUE
ID: 40943034
I've requested that this question be deleted for the following reason:

needed to start at the begining with this question.
0
 
LVL 34

Expert Comment

by:gr8gonzo
ID: 40943035
All of the answers up to this point have been applicable to the original question. Even if you have a new question on this topic, this specific question and the answers may help someone else who is searching for the same problem. You can definitely start a new question, but just close this one out by accepting the most valid comment as the answer.
0
 

Author Comment

by:LAQUE
ID: 40945001
Taking a step back with my question. I'm unsure on actually how to implement PHP/SOAPCLIENT. Trying to find more resources on implementing soapui/php's soap client.
0
 
LVL 34

Expert Comment

by:gr8gonzo
ID: 40947258
My recommendation is to accept #40436245 as the solution to the original question. The asker has opened up a separate question on how to implement PHP/SOAP, but the original question (what would cause that particular error message) is still a valid and common question that is correctly answered by my initial comment.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to configure empty element in XML Document parser? 15 35
Row insertion failed. Array 5 45
Undefined variable problem 5 21
Ajax and PHP 4 29
Styling your websites can become very complex. Here I'll show how SASS can help you better organize, maintain and reuse your CSS code.
SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question