[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

NuSOAP WSDL and HTTP Authentication Problems

Posted on 2004-12-01
7
Medium Priority
?
7,771 Views
Last Modified: 2012-08-13
I'm using NuSOAP 1.81, which I checked to make sure I
have the latest version to avoid bugs. I created a
SOAP server and I'm able to access the services from
both PHP and Java clients except when I place an
.htaccess file on the server to protect the services.
I can access the wsdl file from the broswer but the
clients are having trouble. Presently, if I make the
client like this it works, except it says " wsdl
error: XML error parsing WSDL from
http://www.serverhost.com/ws/server.php on line 76:
not well-formed (invalid token)":

$client = new
soapclient('http://www.serverhost.com/ws/server.php',
true);
$client->setCredentials($username,$password);
// Check for any errors from the remote service
$err = $client->getError();
 if ($err) {
    echo '<p><b>Error: ' . $err . '</b></p>';
  }

But, my java client keep getting a 401 error, about
authentication. I'm using Apache Axis through JBuilder
to develop my java client. However, if I removed the
authentication files (.htaccess/.htpasswd) from the
server my java clietn works fine.

Can anyone who had this problem and worked around it
give me some help. Some services that would be exposed
I have to protect them, another option I have is to
pass a username and password in service request, but I
think it's a bit of overhead and also I need to
protect the wsdl file not just the services exposed.

I would greatly appreciate some help. Below I listed a
simple server that show's how I'm implementing the
SOAP Server.

<?php
// server.php
// Insert the NuSOAP code
require_once('nusoap.php');

$NAMESPACE = "http://www.company.com/WebService";

// Create an instance of the server
$server = new soap_server;

// Initialize WSDL support
$server->configureWSDL('Events', $NAMESPACE);

// Put the WSDL schema types in the namespace with the
tns prefix
$server->wsdl->schemaTargetNamespace = $NAMESPACE;

$server->wsdl->addComplexType(
      'Person',
      'complexType',
      'struct',
      'all',
      '',
      array(
      
'personId'=>array('name'=>'personId','type'=>'xsd:int'),
      
'firstName'=>array('name'=>'firstName','type'=>'xsd:string'),
      
'lastName'=>array('name'=>'lastName','type'=>'xsd:string')
      )
);

$server->register(
      'getPerson',
      array('personId'=>'xsd:int'),
      array('return'=>'tns:Person'),
      $NAMESPACE,
      $NAMESPACE . '#' . 'getPerson',
      'rpc',
      'encoded',
      'Returns a pserson by ID'
);

function getPerson($personId) {
      if($personId==0||$personId=='') {
            return new soap_fault('Client', '', 'Must supply a
person id.');
      }
      else {
            $aPerson = array(
                              'personId'=>999,
                              'firstName'=>'Bart',
                              'lastName'=>'Simpson'
                              );
                  return $aPerson;
      }
}

$HTTP_RAW_POST_DATA = isset($HTTP_RAW_POST_DATA) ?
$HTTP_RAW_POST_DATA : '';
$server->service($HTTP_RAW_POST_DATA);
?>
0
Comment
Question by:Squig
  • 3
  • 2
6 Comments
 
LVL 48

Expert Comment

by:hernst42
ID: 12715933
If you get a 401 error then the authentication is not satisfied (e.g missing basic-auth-informatio). Whats your content of that .htaccess-file? It has nothing to do with PHP. Maybe your java-client is not able to send such basic-auth-paramas as the PHP-client does. Have you also checked the complete output of the xml-file send by the server for PHP-notices /warnings when protecting is on?
0
 

Author Comment

by:Squig
ID: 12716013
it works fine because I try to access through the browser where it prompts for username and password it works. below is the contents of my .htaccess file. I'm also testing on my workstation.

AuthUserFile "D:/Apache/test0.canreig.local/htdocs/ws/.htpasswd"
AuthName "This is a Restricted Area"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>
0
 
LVL 48

Expert Comment

by:hernst42
ID: 12716434
Yes the browser typlical implement this feature correct, but maybe the Java-HTTP-Client/Soap is not able to that basic auth correctly.

To track that error down I would use an network-sniffer an check what is send to see where those errors come from when you use basic-aut to protect that files.

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Squig
ID: 12716700
It seems it might be some limitations in NuSOAP. If I create a soap service without using WSDL HTTP Authentication works fine, but when I use WSDL it has problems. Using a PHP client, I can get it working if I add the username and password to the URL like this "http://username:password@www.myurl.com/to/webservice.php". I'm about to try using PHP HTTP authentication instead of Apache to see if it owuld make a difference. I've looked through a few post and a number of people seemed to had the same problems, but I haven't seen any solutions as yet. Also, I tried it on a different server to make sure it wasn't my server configuration that was causing the problem, and I had the same problem.
0
 

Author Comment

by:Squig
ID: 12727621
Ok, I got the problem solved. So here's the solution to anyone else who might have the same problem. The client should be as follows:

define('username', 'foo');
define('password', 'bar');
 
// This is location of the remote service
$client = new soapclient('https://' . username . ":" . password . '@www.securewebexchange.com/canreig.com/ws/server.php?wsdl', true);
$client->setCredentials(username,password);

I define the username and password as constants, and that's it.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 12905724
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Developers of all skill levels should learn to use current best practices when developing websites. However many developers, new and old, fall into the trap of using deprecated features because this is what so many tutorials and books tell them to u…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses
Course of the Month20 days, 6 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question