SOAP-ERROR: Parsing WSDL: Unknown required WSDL extension 'http://schemas.xmlsoap.org/ws/2004/09/policy' in PHP SoapClient while calling SAP PI

Question

I\'m trying to implement a Web Service running on an SAP PI system. The WSDL I got looks like this:

Answer 1

Seems to be a bug in PHP SOAPServer, or a missing extension compatibility, and it hasn't been solved yet, at least in PHP 5.6.31.

The only solution I could find was to set required UsingPolicy to false, as suggested in the accepted response:

But clients could access the SOAP service without authentication, which is a serious security issue. So, I tried to manually check that the security data is sent by the client.

$soapEnvelope = new DOMDocument();
$soapEnvelope->loadXML(file_get_contents("php://input"), LIBXML_DTDATTR);
$wsseNamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

if ($soapEnvelope->getElementsByTagNameNS($wsseNamespace, 'Security')->length == 0) {
    throw new SoapFault("auth", 'Authentication error - Missing wsse:Security node');
}

if ($soapEnvelope->getElementsByTagNameNS($wsseNamespace, 'UsernameToken')->length == 0) {
    throw new SoapFault("auth", 'Authentication error - Missing UsernameToken node');
}

if ($soapEnvelope->getElementsByTagNameNS($wsseNamespace, 'Username')->length == 0) {
    throw new SoapFault("auth", 'Authentication error - Missing Username node');
}

if ($soapEnvelope->getElementsByTagNameNS($wsseNamespace, 'Password')->length == 0) {
    throw new SoapFault("auth", 'Authentication error - Missing Password node');
}

// SOAPServer handle requests method
$server->handle();

It's a dirt trick, but it works.