Re: [soaplite] SOAP servers that manage and react to cookies
- On 2002-05-14 Randy J. Ray wrote:
>I'm trying to do some cookie-authentication exercise code, only I'm not sureYou're right, the SOAP::SOM object doesn't include the http information. One possible
>how that server-side gets and manages the cookies. Or rather, I can see where
>the cookies would be available to the HTTP code such as *::HTTP::Daemon, but I
>don't see how (or even if) the cookie data can be accessed by the routines
>that the server dispatches to. In other words, if I have a class that loads
>user data from a database, but should only do so if the cookie is correct,
>then how does the method that loads from the database see the cookie? It
>doesn't appear to be in the SOAP::SOM object that I can get from the parameter
>list when my class inherits from SOAP::Server::Parameters. I know that the
>SOAP server at use.perl.org is doing cookie-based auth, but I stumped.
solution is to extend the approach of inheriting from SOAP::Server::Parameters to also
pass the transport object. This requires the transport object to be passed up from the
SOAP::Transport::HTTP::Server to SOAP::Server and then passed to the called method
where it would be available by pop();
my $response = $self->SUPER::handle(
$self->request->content_type =~ m!^multipart/!
? join("\n", $self->request->headers_as_string, $content) : $content,
) or return;
my $trrequest = $_;
push @parameters, $request if UNIVERSAL::isa($class => 'SOAP::Server::Parameters');
push @parameters, $trrequest if UNIVERSAL::isa($class => 'SOAP::Server::Parameters');
(or maybe inherit from a different class to avoid affecting existing code?)
In the despatched method:
my $request = pop;
my $envelope = pop;
This seems to work and should give you access to the cookie headers.
Of course, the other approach is to extract the cookie headers in your server and store
them as global variables.