vijalpatel has asked for the wisdom of the Perl Monks concerning the following question:

Hoping somebody has some experience with this because after a few hours of googling, I came up somewhat empty handed.

In short, I'm a Java Software Engineer and published a handful of WSDLs for other applications within my company to use. Due to security reasons, we require users of these (along with the web application accompanying these web services) to be authenticated ntlm.

We have an existing framework written in PERL that needs access to these wsdls for data.

This is about how far I've gotten!:

use SOAP::Lite;
 
print SOAP::Lite
   -> service('http://localhost:808/wsdl/BuildService.wsdl')
   -> addBuild ('Name');

[download]
-- Need to add in authentication (LWP-UserAgent ?) because as it stands,
Service description '...' can't be loaded: 401 Unauthorized

Thoughts/tips/solutions ?

Replies are listed 'Best First'.
Re: soap::lite + ntlm + wsdls, how?
by Anonymous Monk on Oct 09, 2009 at 00:31 UTC
[reply]
Re: soap::lite + ntlm + wsdls, how?
by bv (Friar) on Oct 09, 2009 at 16:47 UTC

    Do check out the link above, it seems valuable. I just wanted to point out that Authen::Ntlm (that LWP::Authen::Ntlm uses without actually depending on it, which would have been useful) takes some liberties with the NTLMv2 protocol. I'm not saying it doesn't work, but the client nonce is always null, the time is calculated wrong (needs bigint support to really count the tenths of a microsecond since 1601), and unicode conversion is done by inserting nulls every other ASCII char, so if your password uses actual Unicode characters, it won't work.

    print pack("A25",pack("V*",map{1919242272+$_}(34481450,-49737472,6228,0,-285028276,6979,-1380265972)))
[reply]
[d/l]
Re: soap::lite + ntlm + wsdls, how?
by vijalpatel (Initiate) on Oct 12, 2009 at 16:14 UTC
    I tried to follow that as an example but assumed syntax would vary because it wasn't making use of the service call. Even with using that as guidance, still no luck. Here's the code I've come up with with the execution log. 
    #!/usr/bin/perl

use lib qw( \\crdhome\shares\TechHome\dbuild\ourperl );
use SOAP::Lite;
use LWP::UserAgent;
use LWP::Debug;

LWP::Debug::level('+');
SOAP::Lite->import(+trace => 'all');

our $l_endpoint = 'http://localhost:8080/RelengWeb/MachineActivityWSPo
+rt';
our $l_domain = 'DOMAIN';
our $l_username = 'DOMAIN\\user';
our $l_password = 'userPassword';

my @ua_args = (keep_alive => 1);
my @credentials = ($l_domain, "", $l_username, $l_password);
my $schema_ua = LWP::UserAgent->new(@ua_args);

$schema_ua->credentials(@credentials);

print "\nBuilding proxy\n\n";
$soap = SOAP::Lite->proxy($l_endpoint, @ua_args, credentials => \@cred
+entials);

print "\nSetting URI\n\n";
$soap->uri("$l_endpoint");

print "\nSetting user agent\n\n";
$soap->useragent($schema_ua);

print "\nTrying to connect to MachineActivity Port\n\n";

my $service = $soap->service("$l_endpoint" . "?wsdl");

print 'Successfully connected.';

sub SOAP::Transport::HTTP::Client::get_basic_credentials { return ('us
+er' => 'password') };

    [download]
    Response: 
    LWP::UserAgent::new: ()

Building proxy

SOAP::Transport::new: ()
SOAP::Serializer::new: ()
SOAP::Deserializer::new: ()
SOAP::Parser::new: ()
SOAP::Lite::new: ()
LWP::UserAgent::new: ()
SOAP::Transport::HTTP::Client::new: ()

Setting URI


Setting user agent

SOAP::Lite::call: ()
SOAP::Serializer::envelope: ()
SOAP::Serializer::envelope: useragent LWP::UserAgent=HASH(0x1030cec4)
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
Cannot encode 'domain' element as 'hash'. Will be encoded as 'map' ins
+tead
SOAP::Data::new: ()
SOAP::Transport::HTTP::Client::send_receive: HTTP::Request=HASH(0x1035
+e644)
SOAP::Transport::HTTP::Client::send_receive: POST http://localhost:808
+0/RelengWe
b/MachineActivityWSPort HTTP/1.1
Accept: text/xml
Accept: multipart/*
Content-Length: 1784
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://localhost:8080/RelengWeb/MachineActivityWSPort#use
+ragent"

<?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelope xmlns:apachen
+s="http://
xml.apache.org/xml-soap" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/so
+ap/envelop
e/" xmlns:namesp2="http://namespaces.soaplite.com/perl" xmlns:xsi="htt
+p://www.w3
.org/1999/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.o
+rg/soap/en
coding/" xmlns:xsd="http://www.w3.org/1999/XMLSchema" SOAP-ENV:encodin
+gStyle="ht
tp://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><namesp1:usera
+gent xmlns
:namesp1="http://localhost:8080/RelengWeb/MachineActivityWSPort"><LWP_
+_UserAgent
 xsi:type="namesp2:LWP__UserAgent"><max_redirect xsi:type="xsd:int">7<
+/max_redir
ect><conn_cache xsi:type="namesp2:LWP__ConnCache"><cc_limit_total xsi:
+type="xsd:
int">1</cc_limit_total><cc_conns xsi:type="SOAP-ENC:Array" SOAP-ENC:ar
+rayType="x
sd:ur-type[0]"/></conn_cache><protocols_forbidden xsi:null="1"/><no_pr
+oxy xsi:ty
pe="SOAP-ENC:Array" SOAP-ENC:arrayType="xsd:ur-type[0]"/><protocols_al
+lowed xsi:
null="1"/><use_eval xsi:type="xsd:int">1</use_eval><requests_redirecta
+ble xsi:ty
pe="SOAP-ENC:Array" SOAP-ENC:arrayType="xsd:string[2]"><item xsi:type=
+"xsd:strin
g">GET</item><item xsi:type="xsd:string">HEAD</item></requests_redirec
+table><fro
m xsi:null="1"/><timeout xsi:type="xsd:int">180</timeout><agent xsi:ty
+pe="xsd:st
ring">libwww-perl/5.805</agent><def_headers xsi:null="1"/><parse_head 
+xsi:type="
xsd:int">1</parse_head><proxy/><basic_authentication><domain xsi:type=
+"apachens:
Map"><item><key xsi:type="xsd:string"/><value xsi:type="SOAP-ENC:Array
+" SOAP-ENC
:arrayType="xsd:string[2]"><item xsi:type="xsd:string">DOMAIN\user</it
+em><item x
si:type="xsd:string">userPassword</item></value></item></domain></basi
+c_authenti
cation><max_size xsi:null="1"/></LWP__UserAgent></namesp1:useragent></
+SOAP-ENV:B
ody></SOAP-ENV:Envelope>
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: POST http://localhost:8080/RelengWeb/Mac
+hineActivi
tyWSPort
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::Protocol::http::request: Keep the http connection to localhost:80
+80
LWP::UserAgent::request: Simple response: Unauthorized
SOAP::Transport::HTTP::Client::send_receive: HTTP::Response=HASH(0x102
+0d39c)
SOAP::Transport::HTTP::Client::send_receive: HTTP/1.1 401 Unauthorized
Date: Mon, 12 Oct 2009 16:11:55 GMT
Server: Apache-Coyote/1.1
WWW-Authenticate: NTLM
Content-Length: 0
Client-Date: Mon, 12 Oct 2009 16:11:56 GMT
Client-Peer: 127.0.0.1:8080
Client-Response-Num: 1
Client-Warning: Unsupported authentication scheme 'ntlm'

401 Unauthorized at test.pl line 29
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Transport::HTTP::Client::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Parser::DESTROY: ()
SOAP::Transport::DESTROY: ()
SOAP::Serializer::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Deserializer::DESTROY: ()
SOAP::Lite::DESTROY: ()

    [download]
    Any pointers? It doesn't look like it's authorizing correctly. I've tried both one \ and two \\ in the username
[reply]
[d/l]
[select]
      Hm okay, still playing around with it. Looks like NTLM module wasn't installed properly (or at least not the right version). I fixed that and updated the script, here's where I'm at currently. I tried using the fix as posted above in the comments but to no avail. Perl: 
      #!/usr/bin/perl

use lib qw( \\crdhome\shares\TechHome\dbuild\ourperl );
use SOAP::Lite;
use LWP::UserAgent;
use LWP::Debug;

LWP::Debug::level('+');
SOAP::Lite->import(+trace => 'all');

our $l_endpoint = 'http://localhost:8080/RelengWeb/MachineActivityWSPo
+rt';
our $l_domain = 'DOMAIN';
our $l_username = 'DOMAIN\\username';
our $l_password = 'password';

my @ua_args = (keep_alive => 1);
my @credentials = ($l_domain, "", $l_username, $l_password);

my $schema_ua = LWP::UserAgent->new(@ua_args);

$schema_ua->credentials(@credentials);

print "\nBuilding proxy\n\n";
$soap = SOAP::Lite->proxy($l_endpoint . '?wsdl', @ua_args, credentials
+ => \@credentials);

print "\nSetting URI\n\n";
$soap->uri("$l_endpoint");

#print "\nSetting user agent\n\n";
#$soap->useragent($schema_ua);

print "\nTrying to connect to MachineActivity Port\n\n";
my $service = $soap->service("$l_endpoint" . "?wsdl");
print 'Successfully connected.';

sub SOAP::Transport::HTTP::Client::get_basic_credentials { return ('us
+er' => 'password') };

      [download]
      Response: 
      LWP::UserAgent::new: ()

Building proxy

SOAP::Transport::new: ()
SOAP::Serializer::new: ()
SOAP::Deserializer::new: ()
SOAP::Parser::new: ()
SOAP::Lite::new: ()
LWP::UserAgent::new: ()
SOAP::Transport::HTTP::Client::new: ()

Setting URI


Trying to connect to MachineActivity Port

SOAP::Deserializer::new: ()
SOAP::Parser::new: ()
SOAP::Schema::new: ()
LWP::UserAgent::new: ()
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: GET http://localhost:8080/RelengWeb/Mach
+ineActivit
yWSPort?wsdl
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::UserAgent::request: Simple response: Unauthorized
LWP::Authen::Ntlm::authenticate: authenticate() has been called
Use of uninitialized value in exists at /usr/lib/perl5/5.8/cygwin/LWP/
+UserAgent.
pm line 566.
LWP::Authen::Ntlm::authenticate: No username and password available fr
+om get_bas
ic_credentials().  Returning unmodified response object
Service description 'http://localhost:8080/RelengWeb/MachineActivityWS
+Port?wsdl'
 can't be loaded: 401 Unauthorized
SOAP::Schema::DESTROY: ()
SOAP::Deserializer::DESTROY: ()
SOAP::Parser::DESTROY: ()
SOAP::Transport::HTTP::Client::DESTROY: ()
SOAP::Parser::DESTROY: ()
SOAP::Transport::DESTROY: ()
SOAP::Serializer::DESTROY: ()
SOAP::Deserializer::DESTROY: ()
SOAP::Lite::DESTROY: ()

      [download]
      Am I overriding the wrong method with the sub-- thing? Ty
[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom