Ok I'm stumped. How the heck does LWP::Authen::Wsse work?

jaldhar has asked for the wisdom of the Perl Monks concerning the following question:

I'm writing a script that uses WWW::Mechanize. I need to do basic and WSSE UserToken authentication. The former is easy. For the latter I found LWP::Authen:Wsse on CPAN. WWW::Mechanize is a subclass of LWP::UserAgent so I should be able to use it right? Only, I can't figure out how. Here is some sample code:

#!/usr/bin/perl
use warnings;
use strict;
use WWW::Mechanize;
use LWP::Authen::Wsse;

my $mech = WWW::Mechanize->new;
$mech->credentials('username', 'password');
# some debug stuff.
$mech->default_header('Accept-Encoding' => scalar HTTP::Message::decod
+able());
$mech->add_handler("request_send",  sub { shift->dump; return });
$mech->add_handler("response_done", sub { shift->dump; return });

$mech->get('http://localhost/');
[download]

Note that no method from LWP::Authen::Wsse is called in the script. That's because according to the modules' documentation:

The module is used indirectly through LWP, rather than including it directly in your code. The LWP system will invoke the WSSE authentication when it encounters the authentication scheme while attempting to retrieve a URL from a server.

I think this is where I'm going wrong. Is the server supposed to send a special header asking for WSSE authentication like it does for Basic Auth? Or does LWP::Auth::Wsse (which only has one method called authenticate) have to be injected into a WWW::Mechanize object somehow? I see that LWP::UserAgent in the request() method has a hook to call authenticate() but I can't seem to get from A to B. Help!

--
જલધર

Comment on Ok I'm stumped. How the heck does LWP::Authen::Wsse work? Download Code

Replies are listed 'Best First'.
Re: Ok I'm stumped. How the heck does LWP::Authen::Wsse work? by Anonymous Monk on Apr 29, 2011 at 03:57 UTC
I think this is where I'm going wrong. Is the server supposed to send a special header asking for WSSE authentication like it does for Basic Auth? Yes Or does LWP::Auth::Wsse (which only has one method called authenticate) have to be injected into a WWW::Mechanize object somehow? No, it only has to live in the LWP::Authen:: namespace, be named `ucfirst lc $authenschemename`, and have a method called authenticate :) LWP::Authen::Wsse qualifies but I can't seem to get from A to B. Help! Its all about the headers sent and headers received, examine the headers, or show the headers :)	[reply] [d/l]
Re: Ok I'm stumped. How the heck does LWP::Authen::Wsse work? by Khen1950fx (Canon) on Apr 29, 2011 at 04:32 UTC
I was stumped at first glance too, but the main problem that I encountered was `$mech->credentials('username', 'password');` [download] Using 'perlmonks.net', I rearranged it to fit the Wsse: `$mech->credentials('perlmonks.net', '', 'username' 'password');` [download] That worked for me, and here's the script as I ran it: `#!/usr/bin/perl use strict; use warnings; use WWW::Mechanize; use Data::Dumper::Concise; my $url = 'http://www.perlmonks.net/?node_id=109'; my $mech = WWW::Mechanize->new; $mech->credentials('perlmonks.net', '', 'username', 'password'); $mech->default_header('Accept-Encoding' => scalar HTTP::Message::decod +able()); $mech->add_handler("request_send", sub { shift->dump; return }); $mech->add_handler("response_done", sub { shift->dump; return }); print Dumper($mech->get($url));` [download]	[reply] [d/l] [select]
Re^2: Ok I'm stumped. How the heck does LWP::Authen::Wsse work? by Anonymous Monk on Apr 29, 2011 at 06:19 UTC
That worked for me, and here's the script as I ran it: Seeing how perlmonks doesn't use basic authentication or Wsse, why post nonsense like that?	[reply]


good chemistry is complicated, and a little bit messy -LW
	PerlMonks