Re^7: Soap::lite

What platform are you on? (I've had and solved thread-related problems on Win32)

I think the best thing to do here would be to:

test that you can get a working HTTPS server working first (and tested against your Java client),
then to add a handler to it for SOAP::Lite (and anything else you please... eg: Pod::WSDL).

The following modules all allow you to easily construct an HTTPS server:

HTTP::Daemon::SSL

use HTTP::Daemon::SSL;
use HTTP::Status;

# Make sure you have a certs/ directory with "server-cert.pem"
# and "server-key.pem" in it before running this!
my $d = HTTP::Daemon::SSL->new || die;
print "Please contact me at: <URL:", $d->url, ">\n";
while (my $c = $d->accept) {
  while (my $r = $c->get_request) {
    if ($r->method eq 'GET' and $r->url->path eq "/xyzzy") {
      # remember, this is *not* recommened practice :-)
      $c->send_file_response("/etc/passwd");
    } else {
      $c->send_error(RC_FORBIDDEN)
    }
  }
  $c->close;
  undef($c);
}
[download]

Net::Server, using Net::Server::Proto::SSL as protocol and Net::Server::Fork as your "personality".
(This approach seems quite flexible)

Net::Daemon::SSL

use Net::Daemon::SSL;
package MyDaemon;
@MyDaemon::ISA = qw (Net::Daemon::SSL);
sub Run
{
  my $this = shift;
  my $buffer;
  $this->{socket}->print ( "vasja was here\n" );
  $this->{socket}->sysread ( $buffer, 100 );

  # Attention! getline() method
  # do not work with IO::Socket::SSL
  # version 0.73
  # see perldoc IO::Socket::SSL
  # for more details
}
package main;
my $daemon = new MyDaemon ( {}, \ @ARGV ); 
# you can use --help command line key
$daemon || die "error create daemon instance: $!\n";
$daemon->Bind();
[download]

Does at least one of those methods give you a working HTTPS server on your platform?

(Please test with just an SSL-capable webbrowser - ie: Firefox - to rule out the client-side as a problem.)

If you're on windows (not cygwin) and you need to service more than one request simultaneously, you'll need to work around the problems caused by the partial lack of thread-safety in Net::SSLeay. It can be done, but I found it involved writing a much more complicated webserver.

-David

PS: are you definately prohibited from using Apache as your HTTPS/CGI server ? I could not use it in my situation, but it's a much easier solution than writing your own.

Comment on Re^7: Soap::lite - https ? Select or Download Code

Replies are listed 'Best First'.
Re^8: Soap::lite - https ? by ethrbunny (Monk) on Aug 16, 2007 at 15:53 UTC
I managed to get this code working. I had to modify /site/lib/SOAP/HTTP.pm and change the call to `$self->{_daemon} = HTTP::Daemon::SSL->new(@params) or Carp::croak +"Can't create daemon: $!";` [download] so it would use the SSL version. This is going to make it tough to propagate my code.	[reply] [d/l]
Re^9: Soap::lite - https ? by erroneousBollock (Curate) on Aug 16, 2007 at 17:17 UTC
Excellent, so you have a working HTTPS server. (You can put it on whatever port you wish... 443 is just a convention.) Now, you don't want to be changing SOAP or SOAP::Lite for deployment, so the trick is to invert control; instead of SOAP::Lite calling HTTP::Daemon, you create a one-shot HTTP::Request handler around SOAP::Lite, and have that handle the request passed to it by HTTP::Daemon::SSL. So inside your pre-existing HTTP::Daemon::SSL loop... (where you'd normally parse the HTTP request and construct some HTTP response) ... firstly, construct an HTTP::Request object: `# I usually molest $raw_request_string a little here... my $request = HTTP::Request->parse($raw_request_string);` [download] create a one-off soap handler: `my $soap = SOAP::Transport::HTTP::Server -> new(YOUR_SOAP_SPECIFIC_ARGS) -> dispatch_to(YOUR_CLASS);` [download] then feed the request object to the soap handler: `# and I usually munge headers/SOAPaction here... $soap->request($request);` [download] dispatch the request to your class via SOAP::Lite: `$soap->handle();` [download] finally, pull out the response it built: `my $response = $soap->response;` [download] As I implied earlier in this thread, doing it this way gives you more control over the HTTP request life-cycle... which means you can serve more than just SOAP rpc's from the service. As an example, you can inspect the request (say before constructing the HTTP::Request object) and determine (based on the URI) whether you want to respond as SOAP rpc, respond with WSDL describing the service, or even respond with HTML explaining how to use the service. (In my webservice framework I do all those, plus JSONRPC and some dynamic web content.) -David	[reply] [d/l] [select]
Re^10: Soap::lite - https ? by ethrbunny (Monk) on Aug 22, 2007 at 22:02 UTC
Ok. It finally took a complete uninstall/reinstall of Active Perl to fix whatever was up with my system. Here's the 'finished' product - for posterity. use HTTP::Daemon::SSL; use HTTP::Status; use SOAP::Lite; use SOAP::Transport::HTTP; # my soap package use auth; # Make sure you have a certs/ directory with "server-cert.pem" # and "server-key.pem" in it before running this! my $daemon = HTTP::Daemon::SSL->new(LocalPort => 8001) \|\| die; my $soap = SOAP::Transport::HTTP::Server -> new ( ) -> dispatch_to(qw(auth)); print "Please contact me at: <URL:", $daemon->url, ">\n"; while (my $conn = $daemon->accept()) { while (my $request = $conn->get_request()) { $soap->request($request); $soap->handle(); my $response = $soap->response(); $conn->send_response($response); } $conn->close; undef($conn); } [download] This will 'service' my soap requests at https://<server>:8001. Thank you very much for your extensive help on this matter. I wouldn't have gotten anywhere without it.	[reply] [d/l]
Re^11: Soap::lite - https ? by perlchild (Acolyte) on Aug 12, 2008 at 23:38 UTC