Loading ...
Sorry, an error occurred while loading the content.

4643Re: [soaplite] Accessing HTTP Auth from a SOAP service

Expand Messages
  • paul.hampson@pobox.com
    May 4, 2005
    • 0 Attachment
      On Tue, May 03, 2005 at 11:12:12PM -0500, Jay A. Kreibich wrote:
      > On Mon, May 02, 2005 at 01:41:13PM -0000, Paul TBBle Hampson scratched on the wall:
      > > I'm creating a SOAP service which I want to
      > > username/password protect, against the database
      > > the service modifies.

      > > It seems to me that the easiest way to do this
      > > would be to have access to the username/password
      > > sent in by the client via HTTP basic auth
      > > available somehow to the eventual perl functions.

      > I would actually say this isn't the way to do this. You are mating
      > application requirements (e.g. the need to have auth/auth info
      > associated with the SOAP transaction) with the particular transport
      > option (e.g. HTTP[S]). Even if you never plan on supporting anything
      > except HTTP[S], it is the wrong layer to be putting this information
      > into. If the auth/auth info is part of the SOAP transaction, it
      > should be included in the SOAP message, and not the transport layer.

      > There is also the issue that adding HTTP header information is
      > difficult, if not impossible, with many existing SOAP libraries
      > (SOAP::Lite not included).

      > I would suggest you look at SOAP Headers, rather than HTTP headers.

      OK, fair point and well taken.

      I've found the '@ISA' thing that lets me pop the SOM out of @_ at the
      start of every function, so I'm guessing I just call ->headers on that,
      and skip happily through that array until I find the custom headers
      I've defined...

      So I guess the main thing is, do I have to worry about namespace
      clashes with other things using the SOAP Headers, or should I just define
      my own namespace? Of course, I'm not too clear on how the latter works.

      Paul "TBBle" Hampson, on an alternate email client.
    • Show all 8 messages in this topic