[Fedora-suds-list] Suds and Cookie Authentication
Chris Brogan
Chris.Brogan at begbies-traynor.com
Wed Jul 22 16:38:46 UTC 2009
Jeff,
Where were you when I was looking for a wife?
It works! It works, I tell you!!!
It's great! It's given me 'stuff' to use in 'things' from other 'stuff'!
Thank you so much!
First born child is on his way to you, first class.
Chris
On 22 Jul 2009, at 16:56, Jeff Ortel wrote:
> Hey Chris,
>
> Do you keep the cookiejar around?
>
> What if you just set the cookiejar on the 2nd client to the
> cookiejar (cj) returned from the fist call?
>
> # 1st client:
> client =
> Client('http://ukcolofiniis06/CMSNet/Tools/ToolsWS/
> AuthenticationService.asmx?WSDL')
> client.service.Login(username='cms',password='123')
> cj = client.options.transport.cookiejar
> # 2nd client
> client = Client('http://ukcolofiniis06/CMSNet/Time/TimeWS/
> ActionService.asmx?wsdl')
> options.transport.cookiejar = cj
> client.service.ReadSingle('0NCHG')
>
> -jeff
>
> Chris Brogan wrote:
>> Hi Jeff,
>> Effectively I'm trying to get the cookie from the first client call
>> (to authenticate - CMSNet/Tools/ToolsWS/AuthenticationService.asmx?
>> WSDL ) and try to pass it into next service call (to do basic data
>> lookup - CMSNet/Time/TimeWS/ActionService.asmx?wsdl )
>> Would caching still be my friend or, as it is against a different
>> client url wouldn't that be possible?
>> As below, I can get some cookie data from the authenticating
>> service but then it's a question of what to do with it/ how to work
>> with it. I'm told, via the application vendor, that if the services
>> as invoked using .NET frameworks, they just pass a CookieContainer
>> with the call and it all works OK...which, of course, is of no use
>> to me!
>> Cheers,
>> Chris
>> On 22 Jul 2009, at 15:53, Jeff Ortel wrote:
>>> Chris,
>>>
>>> The CookieJar is kept in memory as part of the client object.
>>> Looks like you not reusing the client and that's why you're
>>> loosing the cookie (If I follow you correctly). So, we can do two
>>> things:
>>>
>>> 1) You can cache and reuse the client. This is encouraged anyway
>>> for performance so you're not constantly sax parsing the wsdl.
>>>
>>> 2) I could add functionality to suds to cache the cookiejar to a
>>> file associated with the service location.
>>>
>>> Regards,
>>>
>>> Jeff
>>>
>>> Chris Brogan wrote:
>>>> Thanks for replying, Jeff. I replied to you last night but via my
>>>> iPhone so it will have missed out the cc and not gone to the mail
>>>> list. Sorry!
>>>> Further testing has shown that the cooking is set on
>>>> authentication but isn't being transferred to the subsequent web
>>>> service as I'll explain using the amended script:
>>>> client = Client('http://ukcolofiniis06/CMSNet/Tools/ToolsWS/
>>>> AuthenticationService.asmx?WSDL')
>>>> # Ensure new login for debug
>>>> client.service.Logout()
>>>> client.service.Login(username='cms',password='123')
>>>> boo = client.service.WhoAmI()
>>>> cj = client.options.transport.cookiejar
>>>> # REF 1 return cj
>>>> client=Client('http://ukcolofiniis06/CMSNet/Time/TimeWS/
>>>> ActionService.asmx?wsdl',headers= { 'Set-Cookie':
>>>> 'ASP.NET_SessionId=xhmc4d55weye3onymv32yj20'})
>>>> cj = client.options.transport.cookiejar
>>>> # REF 2 return cj
>>>> If I run the above with the REF 1 return uncommented I get some
>>>> information about a cookie! Thus:
>>>> <cookielib.CookieJar[<Cookie
>>>> ASP.NET_SessionId=xhmc4d55weye3onymv32yj20 for server.local/>,
>>>> <Cookie
>>>> UseOfficeXtensionOption
>>>> =SatelliteDbOnly=N&UseOfficeXtensionOptionState=HIDDEN for
>>>> server.local/>, <Cookie authCookie=authExpiry=2009-07-22
>>>> 08
>>>> :
>>>> 51
>>>> :
>>>> 58
>>>> &locale
>>>> =
>>>> EN
>>>> &useOfficeXtension
>>>> =
>>>> N
>>>> &fat
>>>> =
>>>> D8F55B5542B2EAAEBA6306D3EDFC4051199BC078CE5AABAF68FE4D5F3C31BA974436003BDF84D7B451F7373234F209BD590C1F7BA11BE51E9A788A6D9157A6F0
>>>> &wat=&lockOwnerID=bea3b705-b57a-4575-9d8a-a81d5d9ffb30 for
>>>> server.local/>]>
>>>> (I'm hoping that retrieving this is a good thing!)
>>>> Now, if I comment this back in and then access the other web
>>>> service (same server, different folder) and try to get the return
>>>> from REF 2 then there's nothing there.
>>>> Therefore, I need to know how to taken the return from REF 1 and,
>>>> I guess, add it into REF 2. Any ideas as to how I may go about
>>>> this?
>>>> Regards,
>>>> Chris
>>>> On 21 Jul 2009, at 18:49, Jeff Ortel wrote:
>>>>> Hey Chris,
>>>>>
>>>>> Suds uses the cookielib CookieJar and places returned cookies in
>>>>> the jar and sends all cookies in the jar with outbound
>>>>> messages. So, not sure why this doesn't work for you. Maybe
>>>>> someone else on the list who's used cookies with suds a little
>>>>> more can help.
>>>>>
>>>>> Is it possible the user simply doesn't have permission (proper
>>>>> roles) to do what you want?
>>>>>
>>>>> Regards,
>>>>>
>>>>> Jeff
>>>>>
>>>>> Chris Brogan wrote:
>>>>>> Hi,
>>>>>> I have successfully managed to get suds up and running on my
>>>>>> Plone instance and can consume a variety of services. However,
>>>>>> I'm having trouble with authentication on a collection of
>>>>>> services that seem to be .NET-centric and aren't playing nicely.
>>>>>> I'll try to explain this as clearly as possible so, please,
>>>>>> bear with me:
>>>>>> Having imported suds and various libraries, the various the
>>>>>> following works as expected:
>>>>>> client = Client('http:// <http://ukcolofiniis/>servername/
>>>>>> AppNet/Tools/ToolsWS/AuthenticationService.asmx?WSDL')
>>>>>> auth = client.service.Login(username='user',password='pass')
>>>>>> return auth
>>>>>> >>> True
>>>>>> Similarly,
>>>>>> client = Client('http:// <http://ukcolofiniis/>servername/
>>>>>> AppNet/Tools/ToolsWS/AuthenticationService.asmx?WSDL')
>>>>>> client.service.Login(username='cms',password='123')
>>>>>> res = client.service.WhoAmI()
>>>>>> return res
>>>>>> >>> user
>>>>>> So, all is well there...I can successfully connect and log in.
>>>>>> Moving on to the other web services (same server), I can can
>>>>>> information about them via:
>>>>>> client = Client('http:// <http://ukcolofiniis/>servername/
>>>>>> AppNet/Tools/ToolsWS/AuthenticationService.asmx?WSDL')
>>>>>> client.service.Login(username='cms',password='123')
>>>>>> client.service.WhoAmI()
>>>>>> client = Client('http://u <http://ukcolofiniis/>servername/
>>>>>> AppNet/Time/TimeWS/ActionService.asmx?wsdl')
>>>>>> return client
>>>>>> >>>
>>>>>> Suds ( https://fedorahosted.org/suds/ ) version: 0.3.6 GA
>>>>>> build: R526-20090624
>>>>>> Service ( ActionService ) tns="http://cmsopen.com/"
>>>>>> Prefixes (1)
>>>>>> ns0 = "http://cmsopen.com/"
>>>>>> Ports (2):
>>>>>> (ActionServiceSoap)
>>>>>> Methods (2):
>>>>>> Read(xs:string filter, )
>>>>>> ReadSingle(xs:string actionCode, )
>>>>>> Types (3):
>>>>>> ActionData
>>>>>> ActionDataBase
>>>>>> ArrayOfActionData
>>>>>> (ActionServiceSoap12)
>>>>>> Methods (2):
>>>>>> Read(xs:string filter, )
>>>>>> ReadSingle(xs:string actionCode, )
>>>>>> Types (3):
>>>>>> ActionData
>>>>>> ActionDataBase
>>>>>> ArrayOfActionData
>>>>>> This provides information relating to the available services
>>>>>> and the result is obviously the same with or without the first
>>>>>> 3 lines of authenticating code as nothing of any importance is
>>>>>> being asked.
>>>>>> However, when I try to do something useful with the
>>>>>> services ...eg:
>>>>>> client = Client('http:// <http://ukcolofiniis/>servername/
>>>>>> AppNet/Tools/ToolsWS/AuthenticationService.asmx?WSDL')
>>>>>> client.service.Login(username='cms',password='123')
>>>>>> client.service.WhoAmI()
>>>>>> client = Client('http:// <http://ukcolofiniis/>servername/
>>>>>> AppNet/Time/TimeWS/ActionService.asmx?wsdl')
>>>>>> result = client.service.ReadSingle('0NCHG')
>>>>>> return result
>>>>>> I get authentication errors...
>>>>>> Server raised fault:
>>>>>> 'System.Web.Services.Protocols.SoapException: Server was unable
>>>>>> to process request. ---> System.Security.SecurityException:
>>>>>> Request for principal permission failed. at
>>>>>> System
>>>>>> .Security
>>>>>> .Permissions.PrincipalPermission.ThrowSecurityException() at
>>>>>> System.Security.Permissions.PrincipalPermission.Demand() at
>>>>>> System.Security.PermissionSet.DemandNonCAS() at
>>>>>> Solution6.Cio.Time.ActionService.ReadSingle(String actionCode)
>>>>>> The action that failed was: Demand The type of the first
>>>>>> permission that failed was:
>>>>>> System.Security.Permissions.PrincipalPermission The first
>>>>>> permission that failed was: <IPermission
>>>>>> class="System.Security.Permissions.PrincipalPermission,
>>>>>> mscorlib, Version=2.0.0.0, Culture=neutral,
>>>>>> PublicKeyToken=b77a5c561934e089" version="1"> <Identity
>>>>>> Authenticated="true" Role="ciouser"/> </IPermission> The demand
>>>>>> was for: <IPermission
>>>>>> class="System.Security.Permissions.PrincipalPermission,
>>>>>> mscorlib, Version=2.0.0.0, Culture=neutral,
>>>>>> PublicKeyToken=b77a5c561934e089" version="1"> <Identity
>>>>>> Authenticated="true" Role="ciouser"/> </IPermission> The
>>>>>> assembly or AppDomain that failed was: mscorlib,
>>>>>> Version=2.0.0.0, Culture=neutral,
>>>>>> PublicKeyToken=b77a5c561934e089 --- End of inner exception
>>>>>> stack trace ---'
>>>>>> Now, this seems to be because when the
>>>>>> AuthenticationService.asmx service is run in a .NET environment
>>>>>> (which I know very little about!), the object is attributed
>>>>>> with a cookie using CookieContainer which can then get passed
>>>>>> into subsequent calls. However, there doesn't seem to be any
>>>>>> transparent way to grab this cookie from the various
>>>>>> authentication services (they tend to return booleans) so that
>>>>>> I can then try to get to grips with trying to pass is to
>>>>>> subsequent services so I'm pretty much stuck. Does anyone have
>>>>>> any pointers?
>>>>>> Chris
>>>>>> www.begbies-traynorgroup.com <http://www.begbies-
>>>>>> traynorgroup.com> <http://www.begbies-traynorgroup.com> <http://www.begbies-traynorgroup.com
>>>>>> >
>>>>>> CONFIDENTIALITY : This email and its attachments are
>>>>>> confidential to the intended recipient. They may not be used
>>>>>> by, disclosed to or copied in any way to anyone other than the
>>>>>> intended recipient. If this email is received in error, please
>>>>>> contact Begbies Traynor Group IT Department on +44 (0)161 837
>>>>>> 1837, provide details of the sender and the address to which it
>>>>>> has been sent and then delete it. Opinions, conclusions and
>>>>>> other statements and information in this message that do not
>>>>>> relate to the official business of the legal entity which sent
>>>>>> it or any other entity within the Begbies Traynor Group shall
>>>>>> be understood as neither given nor endorsed by them.
>>>>>> VIRUSES : Although we have taken steps to ensure that this
>>>>>> email and any attachments are free from any virus, it is your
>>>>>> responsibility to check that they are actually virus free. We
>>>>>> do not accept any responsibility for viruses. This message has
>>>>>> been scanned for viruses by MailControl.
>>>>>> ------------------------------------------------------------------------
>>>>>> _______________________________________________
>>>>>> fedora-suds-list mailing list
>>>>>> fedora-suds-list at redhat.com <mailto:fedora-suds-
>>>>>> list at redhat.com> <mailto:fedora-suds-list at redhat.com>
>>>>>> https://www.redhat.com/mailman/listinfo/fedora-suds-list
>>>> *Chris Brogan*
>>>> IT Development Manager
>>>> Begbies Traynor Group plc
>>>> 340 Deansgate, Manchester, M3 4LY
>>>> T: +44 (0)161 837 1700
>>>> F: +44 (0)161 837 1701
>>>> D: +44 (0)161 837 1844
>>>> www.begbies-traynorgroup.com <http://www.begbies-
>>>> traynorgroup.com> <http://www.begbies-traynorgroup.com>
>> *Chris Brogan*
>> IT Development Manager
>> Begbies Traynor Group plc
>> 340 Deansgate, Manchester, M3 4LY
>> T: +44 (0)161 837 1700
>> F: +44 (0)161 837 1701
>> D: +44 (0)161 837 1844
>> www.begbies-traynorgroup.com <http://www.begbies-traynorgroup.com>
Chris Brogan
IT Development Manager
Begbies Traynor Group plc
340 Deansgate, Manchester, M3 4LY
T: +44 (0)161 837 1700
F: +44 (0)161 837 1701
D: +44 (0)161 837 1844
www.begbies-traynorgroup.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-suds-list/attachments/20090722/42cc069f/attachment.htm>
More information about the fedora-suds-list
mailing list