|
|
 Jon Mosier - 2006-12-26 19:04:49 First of all... thank you for the good work that you do.
I'm fairly new to all of this, so please forgive my ignorance.
Could you be so kind as to explain or show an example of how I can use basic auth with your SOAP example.
Thanks,
Jon
 Manuel Lemos - 2006-12-26 20:15:53 - In reply to message 1 from Jon MosierFirst you need to include the SASL library to provide HTTP client authentication mechanisms:
require("sasl.php");
The SASL library may be obtained here:
phpclasses.org/sasl
Then you need to include the authentication user and password in the URL like this:
$user="";
$password="";
$authentication=UrlEncode($user).":".UrlEncode($password)."@";
$url="http://".$authentication."services.xmethods.net/soap";
$http->GetRequestArguments($url,$arguments);
Jon Mosier - 2006-12-26 21:00:44 - In reply to message 2 from Manuel LemosThank you.
I'll give it a try and let you know how it goes.
- Jon
Jon Mosier - 2006-12-26 23:03:14 - In reply to message 2 from Manuel LemosManuel,
I've been giving it a good go, but still having some problems.
I've tested your http class for soap requests on other web services and it works just fine. Only problem is when I have to get through http auth. I must include the domain in the auth, so I'm using "domain/user" in the $user variable and "password" in the $password variable.
If I call "$http->GetRequestArguments($url,$arguments);" before the arguments and after the authentication section, I get "http/1.1 400 bad request:". In the Response Body section I get "The parameter is incorrect.".
See http://touchpaydirect.net/gateway/test_tiger_soap.php
When I call "$http->GetRequestArguments($url,$arguments);" after the arguments, I get the html of the web service as if I viewed the source code of the web service in a browser.
See http://touchpaydirect.net/gateway/test_tiger_soap2.php
Any ideas?
Thanks again,
Jon
Manuel Lemos - 2006-12-27 01:12:54 - In reply to message 4 from Jon MosierI don't think you should enter the domain any where in the authentication credentials. It is not used in the response that HTTP clients should send to servers requiring Basic HTTP authentication.
Jon Mosier - 2006-12-27 12:12:44 - In reply to message 5 from Manuel LemosI would normally agree with that, but it won't work without it.
Give it a try using a browser.
tigerwstest.touchpaydirect.net/Tige ...
Domain: tigersvr
UserName: TigerBanking
Password: d1700
The only way to get through is to enter "tigersvr/TigerBanking" as the UserName.
The evidence that it does get past the http auth is in http://touchpaydirect.net/gateway/test_tiger_soap2.php.
You can see what happens when I don't use the domain in http://touchpaydirect.net/gateway/test_tiger_soap3.php.
You can also see what happens when I call "$http->GetRequestArguments($url,$arguments);" in what should be the proper position (before the arguments section and after the url authentication) at the following url http://touchpaydirect.net/gateway/test_tiger_soap4.php. The result is identical to the original test_tiger_soap.php.
Thanks,
Jon
Jon Mosier - 2006-12-27 13:14:02 - In reply to message 5 from Manuel LemosManuel,
I set up my own web service with http authentication using a
domain, and it works just fine with, or without, the domain being used in the UserName.
I will contact the developer of the service I'm having trouble with and see what the differences are. I'll post again after I speak with him.
Thanks for all your help with this.
- Jon
Manuel Lemos - 2006-12-27 18:20:15 - In reply to message 7 from Jon MosierCouldn't that service be requiring NTLM (Windows LAN) authentication?
NTLM requires a domain argument, but that is set in a different way.
The SASL library also supports some versions of NTLM authentication. The authentication mechanism is picked automatically based on the server response headers.
Jon Mosier - 2006-12-27 20:37:56 - In reply to message 8 from Manuel LemosIt's just using the basic auth under IIS settings panel.
It will work when posting fields instead of SOAP envelope. I can use a curl function and add authentication to it and it works by posting fields, but not when sending headers. I use this function when posting to web services under ssl. If I use the same function, but change it to use curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $header), and submit the SOAP envelope it fails with an authentication error.
This works.
function safe_curl($url,$fields)
{
$ch = curl_init();
$res= curl_setopt ($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_USERPWD, $userName.":".$password);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$xyz = curl_exec ($ch);
curl_close ($ch);
if ($xyz == NULL) {
echo "Error: ".curl_errno($ch) . " - " . curl_error($ch) . "\n";
}
else {
return($xyz);
}
}
Manuel Lemos - 2006-12-27 21:42:00 - In reply to message 9 from Jon MosierLooking your prior attempts, it seems test_tiger_soap2.php is accessing it correctly. What the response page says is that the requested operation is not being sent properly.
A SOAP request must be submitted via HTTP POST method but that service seems to admit non-SOAP types of request as explained here. You may want to try this.
64.233.145.106/TigerBanking/Banking ... |
