Ruby-SavonWeb服务身份验证
我试图利用ruby gem Savon连接到propertyware提供的web服务(http://propertyware.com/apidocs/Getting-Started). 我已通过SoapUI成功连接到该服务,并执行了echoString请求。当我试图通过Ruby做同样的事情时,我会得到一个空用户身份验证错误 这是我在Ruby中尝试过的Ruby-SavonWeb服务身份验证,ruby,web-services,soap,savon,Ruby,Web Services,Soap,Savon,我试图利用ruby gem Savon连接到propertyware提供的web服务(http://propertyware.com/apidocs/Getting-Started). 我已通过SoapUI成功连接到该服务,并执行了echoString请求。当我试图通过Ruby做同样的事情时,我会得到一个空用户身份验证错误 这是我在Ruby中尝试过的 require 'rubygems' require 'savon' client = Savon::Client.new do wsdl
require 'rubygems'
require 'savon'
client = Savon::Client.new do
wsdl.document = 'http://propertyware.com/pw/services/PWServices?wsdl'
wsse.credentials 'username', 'pwd'
end
response = client.request :web, :echo_string, :body => {:arg => "Hello world."}
它生成以下xml
<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:web="http://propertyware.com/pw/services/PWServices"
xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ins0="http://propertyware.com/pw/services/PWServices"
xmlns:ins1="http://criteria.soap.propertyware.com"
xmlns:ins2="urn:PWServices"
xmlns:ins3="http://soap.propertyware.com"
xmlns:ins4="http://xml.apache.org/xml-soap">
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-1">
<wsse:Username>user</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body>
<web:echoString>
<arg>Hello world.</arg>
</web:echoString>
</env:Body>
</env:Envelope>
用户
pwd
你好,世界。
下面是SoapUI生成的xml
<soapenv:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:web="http://webservices" >
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>user</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">R41mCRd+tY+xthhE/YISLQ==</wsse:Nonce>
<wsu:Created>2011-10-25T09:52:40.220Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<web:echoString soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<arg xsi:type="xsd:string">?</arg>
</web:echoString>
</soapenv:Body>
</soapenv:Envelope>
用户
pwd
R41mCRd+tY+xthhE/YISLQ==
2011-10-25T09:52:40.220Z
?
一个明显的区别是SoapUI包含一个nonce键和一个createdAt时间戳。我不知道如何让savon在不去消化auth的情况下做到这一点。(还有那不起作用的fwiw)
在web服务方面,我不是真正的savoy——任何指导都将不胜感激
另外-以下是我尝试通过savon连接时的响应:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<soapenv:Fault>
<faultcode xmlns:ns1="http://xml.apache.org/axis/">ns1:Server.Unauthenticated</faultcode>
<faultstring>User 'null' not authenticated (unknown user)</faultstring>
<detail>
<ns2:hostname xmlns:ns2="http://xml.apache.org/axis/">rcpppwwwapt012.realpage.com</ns2:hostname>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
ns1:Server.Unauthenticated
用户“null”未通过身份验证(未知用户)
rcpppwwwapt012.realpage.com
蒂亚!
Bob尝试将wsse中的摘要设置为true。这将指示Savon将nonce和createdAt添加到请求中:
wsse.credentials 'username', 'pwd', :digest
参见的评论我认为第一步是处理错误
用户“null”未通过身份验证(未知用户)
您的凭据未传递到服务。在Savon版本2中,您需要以下信息:
client = Savon.client do
wsdl 'https://webservice/theservice.wsdl'
wsse_auth("user", "pass", :digest)
end
是的。这就是这个问题要问的——为什么会这样?请求看起来像是被发送给我的-不知道为什么服务器没有确认。谢谢你的建议。不幸的是,正如我在问题中指出的,将摘要设置为true会加密密码,但这不起作用。
client = Savon.client do
wsdl 'https://webservice/theservice.wsdl'
wsse_auth("user", "pass", :digest)
end