SOAP::WSDL authentication

Stetec has asked for the wisdom of the Perl Monks concerning the following question:

Hello, I am rewriting some old code and want to create a SOAP request with username and password. I know that if I used SOAP::Lite I would override this method

  BEGIN {
    sub SOAP::Transport::HTTP::Client::get_basic_credentials {
      return 'username' => 'password';
    }
  }
[download]

But this code is usgin SOAP::WSDL and I cannot get it right - I always get error from server: "401 - Unauthorized: Access is denied due to invalid credentials". When I post the request with Curl from command line everything works. The server administrator told me that from logs it seems like I am not providing credentials. So far I have this:

$service = MyInterfaces::AccMgrWS::AccMgrWSSoap->new({proxy => [$url, 
+keep_alive => 1]});

my @headers = (
        SOAP::Header->name('username')->value($user),
        SOAP::Header->name('password')->value($pass),
  );

my $result = $service->GetSometing(undef, \@headers);
[download]

AccMgrWSSoap is a class that inherits from SOAP::WSDL::Client::Base and GetSometing looks like this:


sub GetSometing {
    my ($self, $body, $header) = @_;
    die "GetSometing must be called as object method (\$self is <$self
+>)" if not blessed($self);
    return $self->SUPER::call({
        operation => 'GetSometing',
        soap_action => 'http://www.some.address/GetSometing',
        style => 'document',
        body => {
            

           'use'            => 'literal',
            namespace       => 'http://schemas.xmlsoap.org/wsdl/soap/'
+,
            encodingStyle   => '',
            parts           =>  [qw( MyElements::GetSometing )],
        },
        header => {
            
        },
        headerfault => {
            
        }
    }, $body, $header);
}
[download]

Any ideas how can I make this work? Thank you

Comment on SOAP::WSDL authentication Select or Download Code

Replies are listed 'Best First'.
Re: SOAP::WSDL authentication by thanos1983 (Parson) on Mar 14, 2018 at 10:35 UTC
Hello Stetec, By reading the module SOAP::WSDL/NOTICE: `This module is not recommended for new application development. Please + use XML::Compile::SOAP or SOAP::Lite instead if possible. This module has a large number of known bugs and is not being actively + developed. This 3.0 release is intended to update the module to pass + tests on newer Perls. This is a service to existing applications alr +eady dependent on this module.` [download] If I was you I would try to find an alternative solution maybe rewrite the code? Never the less if you insist no matter what to use this module, read also this SOAP::WSDL::Manual::Cookbook it should be enough to get you going. Hope this helps, BR. Seeking for Perl wisdom...on the process of learning...not there...yet!	[reply] [d/l] [select]
Re^2: SOAP::WSDL authentication by Stetec (Novice) on Mar 27, 2018 at 13:41 UTC
I tried to add methods from documentation but I did not help. I also tried to rewrite it to SOAP::Lite and use methods that I mentioned but no success. The only way I can authenticate is when I put username and password in URL like this: https://username:password@example.com. But in this case the password appears unencrypted in server logs. There is digest authentication enabled on server but should not these methods handle it automatically? This is the response header I get from server: HTTP/1.1 401 Unauthorized Date: Tue, 27 Mar 2018 13:23:32 GMT Server: Microsoft-IIS/7.5 WWW-Authenticate: Digest qop="auth",algorithm=MD5-sess,nonce="+Upgrade +d+v10b38d21e7aaf1202a77846a2fe9d2bd901d0c2cdcec5d30156158f0a13e8aeec6 +774eb0a8e77f7baeeac127503c4b3e86a776f449098b7a4",charset=utf-8,realm= +"Digest" WWW-Authenticate: Negotiate WWW-Authenticate: NTLM WWW-Authenticate: Basic realm="example.com" Content-Length: 1293 Content-Type: text/html Client-Date: Tue, 27 Mar 2018 13:23:32 GMT Client-Peer: xxx.xxx.xxx.xxx:port Client-Response-Num: 1 Client-SSL-Cert-Issuer: something Client-SSL-Cert-Subject: something Client-SSL-Cipher: ECDHE-RSA-AES256-SHA Client-SSL-Socket-Class: IO::Socket::SSL Title: 401 - Unauthorized: Access is denied due to invalid credentials +. X-Powered-By: ASP.NET [download]	[reply] [d/l]