Problem with SOAP and authentication? SoapFault exception: [HTTP] Unauthorized
in [General]
|
From: robert mena on 26 Jun 2010 18:46 Hi, I am trying to access a webservice using php's soapclient but I keep getting the error SoapFault exception: [HTTP] Unauthorized If I try using a web browser I can authenticate using the same credentials used by the php code. I've searched but the only mention that I found led to a 'won't fix' bug registered to php 5.1.6. I am using 5.2.10. Any ideas of what may be causing this? Is there a workaround? Regards.
From: Richard Quadling on 28 Jun 2010 06:27 On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote: > Hi, > > I am trying to access a webservice using php's soapclient but I keep getting > the error SoapFault exception: [HTTP] Unauthorized > > If I try using a web browser I can authenticate using the same credentials > used by the php code. > > I've searched but the only mention that I found led to a 'won't fix' bug > registered to php 5.1.6. Â I am using 5.2.10. > > Any ideas of what may be causing this? Â Is there a workaround? > > Regards. > Can you show the SoapClient construction you are using? The documentation says that you can supply HTTP authentication [1] ... "For HTTP authentication, the login and password options can be used to supply credentials. For making an HTTP connection through a proxy server, the options proxy_host, proxy_port, proxy_login and proxy_password are also available. For HTTPS client certificate authentication use local_cert and passphrase options. An authentication may be supplied in the authentication option. The authentication method may be either SOAP_AUTHENTICATION_BASIC (default) or SOAP_AUTHENTICATION_DIGEST." There was recent activity on a Soap Authorisation Header bug [2]. If this issue is appropriate, you can try a building your code code from SVN (no win32 snapshots for a LONG time now). Regards, Richard. [1] http://docs.php.net/manual/en/soapclient.soapclient.php [2] http://bugs.php.net/bug.php?id=50976 -- ----- Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling
From: robert mena on 28 Jun 2010 17:37 Hi, I'll have a look. I am using Zend Framework's Zend_Soap_Client which in turn uses SoapClient. I'll try to use SoapClient directly. I am not using https and I am not going through a proxy (using a non standard port). I've tested with another SOAP client (a standalone application called SoapUI) without a problem. Is there anyone using SoapClient (or Zend_Soap_Client) with auth with success? What other library (that does not use SoapClient) could I try? On Mon, Jun 28, 2010 at 6:27 AM, Richard Quadling <rquadling(a)gmail.com>wrote: > On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote: > > Hi, > > > > I am trying to access a webservice using php's soapclient but I keep > getting > > the error SoapFault exception: [HTTP] Unauthorized > > > > If I try using a web browser I can authenticate using the same > credentials > > used by the php code. > > > > I've searched but the only mention that I found led to a 'won't fix' bug > > registered to php 5.1.6. I am using 5.2.10. > > > > Any ideas of what may be causing this? Is there a workaround? > > > > Regards. > > > > Can you show the SoapClient construction you are using? > > The documentation says that you can supply HTTP authentication [1] ... > > "For HTTP authentication, the login and password options can be used > to supply credentials. For making an HTTP connection through a proxy > server, the options proxy_host, proxy_port, proxy_login and > proxy_password are also available. For HTTPS client certificate > authentication use local_cert and passphrase options. An > authentication may be supplied in the authentication option. The > authentication method may be either SOAP_AUTHENTICATION_BASIC > (default) or SOAP_AUTHENTICATION_DIGEST." > > There was recent activity on a Soap Authorisation Header bug [2]. > > If this issue is appropriate, you can try a building your code code > from SVN (no win32 snapshots for a LONG time now). > > Regards, > > Richard. > > [1] http://docs.php.net/manual/en/soapclient.soapclient.php > [2] http://bugs.php.net/bug.php?id=50976 > -- > ----- > Richard Quadling > "Standing on the shoulders of some very clever giants!" > EE : http://www.experts-exchange.com/M_248814.html > EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp > Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 > ZOPA : http://uk.zopa.com/member/RQuadling >
From: Richard Quadling on 29 Jun 2010 07:20 On 28 June 2010 22:37, robert mena <robert.mena(a)gmail.com> wrote: > Hi, > I'll have a look. Â I am using Zend Framework's Zend_Soap_Client which in > turn uses SoapClient. Â I'll try to use SoapClient directly. > I am not using https and I am not going through a proxy (using a non > standard port). Â I've tested with another SOAP client (a standalone > application called SoapUI) without a problem. > > Is there anyone using SoapClient (or Zend_Soap_Client) with auth with > success? Â What other library (that does not use SoapClient) could I try? > On Mon, Jun 28, 2010 at 6:27 AM, Richard Quadling <rquadling(a)gmail.com> > wrote: >> >> On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote: >> > Hi, >> > >> > I am trying to access a webservice using php's soapclient but I keep >> > getting >> > the error SoapFault exception: [HTTP] Unauthorized >> > >> > If I try using a web browser I can authenticate using the same >> > credentials >> > used by the php code. >> > >> > I've searched but the only mention that I found led to a 'won't fix' bug >> > registered to php 5.1.6. Â I am using 5.2.10. >> > >> > Any ideas of what may be causing this? Â Is there a workaround? >> > >> > Regards. >> > >> >> Can you show the SoapClient construction you are using? >> >> The documentation says that you can supply HTTP authentication [1] ... >> >> "For HTTP authentication, the login and password options can be used >> to supply credentials. For making an HTTP connection through a proxy >> server, the options proxy_host, proxy_port, proxy_login and >> proxy_password are also available. For HTTPS client certificate >> authentication use local_cert and passphrase options. An >> authentication may be supplied in the authentication option. The >> authentication method may be either SOAP_AUTHENTICATION_BASIC >> (default) or SOAP_AUTHENTICATION_DIGEST." >> >> There was recent activity on a Soap Authorisation Header bug [2]. >> >> If this issue is appropriate, you can try a building your code code >> from SVN (no win32 snapshots for a LONG time now). >> >> Regards, >> >> Richard. >> >> [1] http://docs.php.net/manual/en/soapclient.soapclient.php >> [2] http://bugs.php.net/bug.php?id=50976 >> -- >> ----- >> Richard Quadling >> "Standing on the shoulders of some very clever giants!" >> EE : http://www.experts-exchange.com/M_248814.html >> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp >> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 >> ZOPA : http://uk.zopa.com/member/RQuadling > > If you have got a working setup, then use a tool like WireShark to watch what is happening on the wire. You'll be able to see the exact conversation and see what headers are being sent and received. Ideally the requests should be as identical as possible (same criteria, security, etc.) to make the comparison easier. Richard. -- ----- Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling
From: Richard Quadling on 29 Jun 2010 07:23
On 28 June 2010 22:37, robert mena <robert.mena(a)gmail.com> wrote: > Hi, > I'll have a look. Â I am using Zend Framework's Zend_Soap_Client which in > turn uses SoapClient. Â I'll try to use SoapClient directly. > I am not using https and I am not going through a proxy (using a non > standard port). Â I've tested with another SOAP client (a standalone > application called SoapUI) without a problem. > > Is there anyone using SoapClient (or Zend_Soap_Client) with auth with > success? Â What other library (that does not use SoapClient) could I try? > On Mon, Jun 28, 2010 at 6:27 AM, Richard Quadling <rquadling(a)gmail.com> > wrote: >> >> On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote: >> > Hi, >> > >> > I am trying to access a webservice using php's soapclient but I keep >> > getting >> > the error SoapFault exception: [HTTP] Unauthorized >> > >> > If I try using a web browser I can authenticate using the same >> > credentials >> > used by the php code. >> > >> > I've searched but the only mention that I found led to a 'won't fix' bug >> > registered to php 5.1.6. Â I am using 5.2.10. >> > >> > Any ideas of what may be causing this? Â Is there a workaround? >> > >> > Regards. >> > >> >> Can you show the SoapClient construction you are using? >> >> The documentation says that you can supply HTTP authentication [1] ... >> >> "For HTTP authentication, the login and password options can be used >> to supply credentials. For making an HTTP connection through a proxy >> server, the options proxy_host, proxy_port, proxy_login and >> proxy_password are also available. For HTTPS client certificate >> authentication use local_cert and passphrase options. An >> authentication may be supplied in the authentication option. The >> authentication method may be either SOAP_AUTHENTICATION_BASIC >> (default) or SOAP_AUTHENTICATION_DIGEST." >> >> There was recent activity on a Soap Authorisation Header bug [2]. >> >> If this issue is appropriate, you can try a building your code code >> from SVN (no win32 snapshots for a LONG time now). >> >> Regards, >> >> Richard. >> >> [1] http://docs.php.net/manual/en/soapclient.soapclient.php >> [2] http://bugs.php.net/bug.php?id=50976 >> -- >> ----- >> Richard Quadling >> "Standing on the shoulders of some very clever giants!" >> EE : http://www.experts-exchange.com/M_248814.html >> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp >> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 >> ZOPA : http://uk.zopa.com/member/RQuadling > > You can, of course, do it all yourself with cURL or sockets, but I believe the overhead would be significant. I think in the first instance, can we see the code you are using to make the request? I use the Zend_Soap_[Client|Server|WSDL|AutoDiscovery] but not with external Auth (like you are wanting). Instead, one of my services is the auth service (username is sent plain text and password is sent MD5 with a nonce - I believe the principle is sound. I chose this as I was being REALLY lazy in not learning about how to do Auth any other way. Richard. -- ----- Richard Quadling "Standing on the shoulders of some very clever giants!" EE : http://www.experts-exchange.com/M_248814.html EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 ZOPA : http://uk.zopa.com/member/RQuadling |