Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic

HTTP basic authentication in SOAP::Lite

by mohan2monks (Beadle)
on Apr 03, 2009 at 06:59 UTC ( #755189=perlquestion: print w/replies, xml ) Need Help??
mohan2monks has asked for the wisdom of the Perl Monks concerning the following question:

Dear Monks, I am accessing a .NET based web service using PERL's SOAP::Lite module. Though the code is working fine for me during one of perforamnce tests by the service provider the guy from other end told me that he is receiving requests from my server twice the first one being sent as a null request and the other one which i actually want to send. I get the response correctly and my trace log also shows request being sent and response received as it should be, This service requires a HTTP authorisation which i do as directed in module, after much discussion with the service provider he told me that it might be happening because of my application sending first null request to authenticate which results in exception on their end and he also told that the clients written in .NET need to set a directive to TRUE in order to stop this kind of behaviour but unfortunately i dont know .NET and he is not aware of PERL.

I am writing this after searching on google and perlmonks about http basic authentication used in SOAP Lite but could manage to find questions about them not working correctly and not about the behaviour also tried to read code from LWP::Useragent to find out how it works but did not understand much of it. I request you to please tell me if this is because of authentication and how authentication works.

This is my code #$PARAM has all the parameters needed to make client use SOAP::Lite +trace =>'debug'; my $xmlRequest = '<Request>'.(shift).'</Request>'; my $xmlFilter = '<Filter>'.(shift).'</Filter>'; my $webService = SOAP::Lite-> uri($PARAM->{NAMESPACE}) -> on_action(sub{sprintf '%s/%s', @_ }) -> outputxml("1") -> proxy($PARAM->{ENDPOINT}); my $response=''; eval{ $response = $webService->call(SOAP::Data->name("SubmitXml")->a +ttr({xmlns => $PARAM->{NAMESPACE}}), SOAP::Data->name(Profile => $PARAM->{PROFILE +})->type('string'), SOAP::Data->name(Request + => $xmlRequest)->type('xml'), SOAP::Data->name(Filter +=> $xmlFilter)->type('xml') ); }; if($@){print $@;} print $response; sub SOAP::Transport::HTTP::Client::get_basic_credentials{ return $PARAM->{USER_ID} => $PARAM->{PASS}; } Trace reported by Client SOAP::Transport::new: () SOAP::Serializer::new: () SOAP::Deserializer::new: () SOAP::Parser::new: () SOAP::Lite::new: () SOAP::Transport::HTTP::Client::new: () SOAP::Data::new: () SOAP::Data::new: () SOAP::Data::new: () SOAP::Data::new: () SOAP::Lite::call: () SOAP::Serializer::envelope: () SOAP::Serializer::envelope: SOAP::Data=HASH(0xeb4240) SOAP::Data=H +ASH(0xeb58f0) SOAP::Data=HASH(0xeb59b0) SOAP::Data=HASH(0xeb5a70) SOAP::Data::new: () SOAP::Data::new: () SOAP::Data::new: () SOAP::Data::new: () SOAP::Transport::HTTP::Client::send_receive: HTTP::Request=HASH(0x +ee4820) SOAP::Transport::HTTP::Client::send_receive: POST https://webservi HTTP/1.1 Accept: text/xml Accept: multipart/* Accept: application/soap Content-Length: 2025 Content-Type: text/xml; charset=utf-8 SOAPAction: <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:xsi="ht +tp://" xmlns:soapenc="http://schema" xmlns:xsd=" +hema" soap:encodingStyle="" +xmlns:soap=""><soap:Body><Su +bmitXml xmlns=""><Profile xsi:type="xsd: +string"></Profile><Request></Request><Filter><_/></Filter></SubmitXml +></soap:Body></soap:Envelope> SOAP::Transport::HTTP::Client::send_receive: HTTP::Response=HASH(0 +x1215920) SOAP::Transport::HTTP::Client::send_receive: HTTP/1.1 200 OK Connection: close Date: Thu, 02 Apr 2009 10:38:09 GMT Server: Apache-Coyote/1.1 Content-Type: text/xml;charset=utf-8 Client-Date: Thu, 02 Apr 2009 10:35:43 GMT Client-Peer: Client-Response-Num: 1 Client-SSL-Cert-Issuer: /C=US/O=Equifax/OU=Equifax Secure Certific +ate Authority Client-SSL-Cert-Subject: /C=US/ST=Georgia/L=Atlanta Client-SSL-Cipher: RC4-MD5 <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv=" +nvelope/" xmlns:xsd="" xmlns:xsi="htt +p://"> <soapenv:Body><SubmitXmlResponse xmlns="http://webservices.xxxxx. +com"><SubmitXmlResult> </SubmitXmlResult></SubmitXmlResponse></soapenv:Body></soapenv:En +velope> SOAP::Lite::DESTROY: () SOAP::Deserializer::DESTROY: () SOAP::Parser::DESTROY: () SOAP::Transport::DESTROY: () SOAP::Transport::HTTP::Client::DESTROY: () SOAP::Serializer::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: () SOAP::Data::DESTROY: ()

Replies are listed 'Best First'.
Re: HTTP basic authentication in SOAP::Lite
by Corion (Pope) on Apr 03, 2009 at 07:40 UTC

    Note: I haven't done anything with SOAP::Lite.

    It seems that SOAP::Transport::HTTP is using LWP::UserAgent under the hood, which would explain the double-request approach, because that's what LWP::UserAgent does if you're not specific enough in supplying your credentials.

    The first and possibly simplest approach to fixing this would be to include the credentials in the URL, that is http://${USER}:${PASS} This is possibly less than ideal if the URL is visible somewhere.

    The next approach would be not to use SOAP::Transport::HTTP::Client::get_basic_credentials but to use the credentials method to set the credentials for the hostname. I don't know if you can get at the client instance that SOAP::Lite will use - this would be preferrable to overriding the credentials method in SOAP::Transport::HTTP::Client.

Re: HTTP basic authentication in SOAP::Lite
by jhourcle (Prior) on Apr 03, 2009 at 15:05 UTC

    The first request must be sent to retrieve the domain component to send for HTTP authentication.

    You can try using the 'credentials' method, and see if that'll prevent the extra request, but it'll make your client more fragile as it'll break if they change the domain, host, etc..

Re: HTTP basic authentication in SOAP::Lite
by rahed (Scribe) on Apr 17, 2009 at 13:41 UTC
    You can also try basic authorization this way:
    $authoriz = 'Basic '.encode_base64('passwd'); $webService->transport->http_request->headers->push_header('Authorizat +ion' => $authoriz);
    I had to encode into base64 to use this with some server.
      Parameter to encode_base64 should actually read 'user:passwd'.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://755189]
Approved by Corion
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (8)
As of 2018-05-24 00:30 GMT
Find Nodes?
    Voting Booth?