Implement support for WS-Security #90
Labels
Milestone
Comments
|
I have it implemented in my server as a middleware. class UsernameToken(xsd.ComplexType):
Username = xsd.Element(xsd.String, minOccurs=1)
Password = xsd.Element(xsd.String, minOccurs=1)
class Security(xsd.ComplexType):
UsernameToken = xsd.Element(UsernameToken, minOccurs=1)
class Header(xsd.ComplexType):
Security = xsd.Element(Security, minOccurs=1)
class SecurityMiddleware(object):
def __init__(self, callback):
self.callback = callback
def __call__(self, request, next_call):
SOAP = request.dispatcher.service.version
soap_header = request.soap_header
if not soap_header:
return SOAPError(SOAP.Code.CLIENT, "Missing required header")
try:
ut = request.soap_header.Security.UsernameToken
username = ut.Username
password = ut.Password
except AttributeError:
return SOAPError(SOAP.Code.CLIENT, "Invalid Security header")
auth_ok = self.callback(username, password)
if not auth_ok:
return SOAPError(SOAP.Code.CLIENT, "Invalid login credentials")
return next_call(request)You just have to add it to your def security_callback(username, password):
return username == 'admin' and password == 'admin' # CHANGE THIS
MyServiceV1SOAPPort_SERVICE.input_header = Header # we can do better API for this line
dispatcher = SOAPDispatcher(
MyServiceV1SOAPPort_SERVICE,
middlewares=[SecurityMiddleware(security_callback)])I did some classes to handle it, so maybe something is wrong in this code. |
|
Could I see an example of client code call to a SOAP service with user authentication in headers? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
See the following links for further details:
The text was updated successfully, but these errors were encountered: