Josh, About authentication method, I just noticed that OpenNebula uses parameters to pass username and password: http://opennebula.org/documentation:archives:rel2.0:api
On Sat, Dec 3, 2011 at 11:01 PM, Mani Shafa'atDoost <mani.do...@gmail.com>wrote: > Josh, > > Thank you. Problem is that I am using a test account from > http://vcl.ncsu.edu/ and I can't disable SSL, but as far as I know you > are using http requests not https: > > $context = stream_context_create( > array( > '*http*' => array( > 'method' => "POST", > 'header' => $header, > 'content' => $request > ) > ) > ); > > I tried XML standard queries but I receive permission denied error, I > don't know if the problem is with (http,https) or with my queries. I guess > they have some more information in their request. > By the way, do you know how can I know what this function sends to server : > file_get_contents(self::VCLHOST.$location, false, $context) > > > Best Regards > Mani > > On Fri, Dec 2, 2011 at 9:04 AM, Josh Thompson <josh_thomp...@ncsu.edu>wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Mani, >> >> The frontend code is not using Cookie for anything when the XMLRPC API is >> used. >> >> I'm not actually sure about the XML part. All of the XMLRPC code is just >> using php's built in XMLRPC stuff: >> >> http://us.php.net/manual/en/book.xmlrpc.php >> >> Almost all of the XMLRPC related code is in xmlrpcWrappers.php. The only >> part >> that isn't in that file is in utils.php where the functions are registered >> (xmlrpccall) and called (xmlRPChandler). >> >> You may be able to disable SSL and do some packet captures to actually see >> what is getting passed back and forth. To disable SSL, you at least need >> to >> remove the check and redirect for it in index.php. I can't remember >> offhand >> if there is anything else you need to do. >> >> Another option would be to write some simple php XMLRPC code separate from >> VCL, but similar to it, and do packet captures with that. >> >> Josh >> >> On Thursday December 01, 2011, Mani Shafa'atDoost wrote: >> > Josh, >> > >> > ok, I am going to write a wrapper class . but I need some information >> > about your xml formating. >> > as far as I know I should send something like this : >> > >> > Content-Type: text/xml >> > X-User: username . >> > X-Pass: password >> > Cookie: something >> > X-APIVERSION: 2 >> > >> > >> > <?xml version="1.0"?> >> > <methodCall> >> > <methodName>example</methodName> >> > <params> >> > <param> >> > <value><i4>41</i4></value> >> > </param> >> > </params> >> > </methodCall> >> > >> > so these are my questions: >> > should I send cookie or it is an optional thing? >> > in method params, which kind of params do you have? it is just int, or >> you >> > have boolean and string as well. >> > also what about your answer XML. is it consists of Integer or it has >> some >> > other things? >> > >> > Best Regards >> > Mani >> > >> > On Thu, Dec 1, 2011 at 9:13 AM, Josh Thompson <josh_thomp...@ncsu.edu >> >wrote: >> > > -----BEGIN PGP SIGNED MESSAGE----- >> > > Hash: SHA1 >> > > >> > > Mani, >> > > >> > > - From what you described, it doesn't sound like you have the option >> to >> > > set additional http headers. I remember running in to that with one >> of >> > > the perl >> > > XMLRPC libraries. It didn't really expose a way to set additional >> http >> > > headers; so, I think I had to make a new class that inherited the >> > > provided one >> > > with some modified functions allowing the additional headers to be >> set. >> > > >> > > The problem here is that I couldn't find any way of doing >> authentication >> > > with >> > > XMLRPC other than basic auth, which wasn't an option in our (NCSU) >> > > environment. So, I added the requirement of using additional http >> > > headers that provide the necessary authentication bits. >> Unfortunately, >> > > not all XMLRPC >> > > libraries expose a way to set additional http headers. >> > > >> > > If anyone knows of another way of doing XMLRPC authentication, please >> let >> > > me >> > > know. >> > > >> > > Josh >> > > >> > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote: >> > > > Josh, >> > > > >> > > > In java for XMLRPC calls, you have one execute function that >> accepts 2 >> > > > arguments. First one is the "Method name" and second one is a list >> of >> > > > parameters that we need to pass to this function. so where should I >> put >> > > > this header? in parameter[0]? >> > > > Also there is a config that can be set before execute a method. this >> > > >> > > config >> > > >> > > > can set following things: >> > > > >> > > > basicUserName >> > > > basicPassword >> > > > basicEncoding >> > > > contentLengthOptional >> > > > enabledForExceptions >> > > > enabledForExtensions >> > > > encoding >> > > > gzipCompressing >> > > > gzipRequesting >> > > > >> > > > I know, we need to set up this header somewhere, but I am not sure >> > > >> > > where. I >> > > >> > > > will appreciate if you tell me which part of code is handling this >> RPC >> > > > request in VCL. >> > > > >> > > > >> > > > Best Regards >> > > > Mani >> > > > >> > > > On Wed, Nov 30, 2011 at 3:22 PM, Josh Thompson >> > > >> > > <josh_thomp...@ncsu.edu>wrote: >> > > > > -----BEGIN PGP SIGNED MESSAGE----- >> > > > > Hash: SHA1 >> > > > > >> > > > > Mani, >> > > > > >> > > > > I'm not clear on what you are saying you are passing a first and >> > > > > second argument to. >> > > > > >> > > > > For every API call (except when calling XMLRPCaffiliations), >> you'll >> > > >> > > need >> > > >> > > > > to have X-User, X-Pass, and X-APIVERSION added to the HTTP >> headers to >> > > > > provide authentication to the vcl frontend. >> > > > > >> > > > > Josh >> > > > > >> > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote: >> > > > > > Josh, >> > > > > > >> > > > > > As far as I understood, I need to pass the function name as >> first >> > > > > >> > > > > argument >> > > > > >> > > > > > and for second one I need to add a list of parameters. For first >> > > > > >> > > > > parameter, >> > > > > >> > > > > > I need to pass Header which consist of following things: >> > > > > > $header = "Content-Type: text/xml\r\n"; >> > > > > > >> > > > > > $header .= "X-User: " . $this->username . "\r\n"; >> > > > > > $header .= "X-Pass: " . $this->password . "\r\n"; >> > > > > > $header .= "Cookie: " . $_SERVER["HTTP_COOKIE"] . >> "\r\n"; >> > > > > > $header .= "X-APIVERSION: 2"; >> > > > > > >> > > > > > so, is it necessary to add all of these things to header? >> > > > > > >> > > > > > Best Regards >> > > > > > Mani >> > > > > > >> > > > > > On Wed, Nov 30, 2011 at 1:28 PM, Josh Thompson >> > > > > >> > > > > <josh_thomp...@ncsu.edu>wrote: >> > > > > > > Mani, >> > > > > > > >> > > > > > > I forgot that there is a third http header that is always >> > > > > > > required >> > > >> > > - >> > > >> > > > > > > X-APIVERSION. You'd even need that set when calling >> > > > > >> > > > > XMLRPCaffiliations. >> > > > > >> > > > > > > Josh >> > > > > > > >> > > > > > > On Wednesday November 30, 2011, Josh Thompson wrote: >> > > > > > > > Mani, >> > > > > > > > >> > > > > > > > I haven't done much with java, and what I have done was many >> > > >> > > years >> > > >> > > > > ago. >> > > > > >> > > > > > > > Given that, it doesn't look like you are providing the >> > > > > > > > additional custom authentication http headers X-User and >> > > > > > > > X-Pass anywhere. >> > > > > > > > >> > > > > > > > Those two additional headers are not needed for the >> > > > > >> > > > > XMLRPCaffiliations >> > > > > >> > > > > > > > call. So, you could try calling that to see if the >> > > > > > > > authentication headers are your only problem. >> > > > > > > > >> > > > > > > > Josh >> > > > > > > > >> > > > > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote: >> > > > > > > > > I am trying to use Java to use your system. but the >> problem >> > > > > > > > > is >> > > > > >> > > > > when I >> > > > > >> > > > > > > try >> > > > > > > >> > > > > > > > > to execute something like client.execute( "XMLRPCtest", >> > > > > > > > > params >> > > >> > > ); >> > > >> > > > > , I >> > > > > >> > > > > > > > > receive errors. >> > > > > > > > > Can you tell me what should I pass to this function.I just >> > > > > > > > > attached my java class. >> > > > > > > > > >> > > > > > > > > Best Regards >> > > > > > > > > Mani >> > > > > > > > > >> > > > > > > > > On Wed, Nov 30, 2011 at 8:39 AM, Aaron Coburn >> > > > > > > > > <acob...@amherst.edu >> > > > > > > >> > > > > > > wrote: >> > > > > > > > > > Mani, >> > > >> > > > > > > > > > there is documentation for the XML RPC located here: >> > > http://people.apache.org/~jfthomps/xmlrpcdocs/xmlrpcWrappers_8php.htm >> > > >> > > > > > > l >> > > > > > > >> > > > > > > > > > I have been using the remote API for some time now, and >> it >> > > > > > > > > > works very well. To make things easier for me, I wrote a >> > > > > > > > > > php class that encapsulates some of these functions (see >> > > > > > > > > > attached). This class doesn't implement any of the group >> > > > > > > > > > management features, but they >> > > > > > > >> > > > > > > would >> > > > > > > >> > > > > > > > > > be easy to add. >> > > > > > > > > > >> > > > > > > > > > You can then use the class like this (if, for instance, >> you >> > > > > >> > > > > wanted >> > > > > >> > > > > > > > > > to list the reservations for a particular user): >> > > > > > > > > > >> > > > > > > > > > $vcl = new VCL($userid, $password); >> > > > > > > > > > >> > > > > > > > > > if ($reservations = $vcl->getReservations()){ >> > > > > > > > > > foreach ($reservations as $r){ >> > > > > > > > > > print "<p>"; >> > > > > > > > > > print "<b>{$r['imagename']}</b> "; >> > > > > > > > > > if ($status = $vcl->getRequestStatus($r['requestid'])){ >> > > > > > > > > > switch ($status['status']){ >> > > > > > > > > > ... >> > > > > > > > > > } >> > > > > > > > > > } >> > > > > > > > > > print "</p>"; >> > > > > > > > > > } >> > > > > > > > > > } >> > > > > > > > > > >> > > > > > > > > > The authentication piece is handed off to the >> appropriate >> > > > > > > > > > affiliation function in the VCL code, so if you are >> using >> > > >> > > LDAP, >> > > >> > > > > > > > > > the user's >> > > > > > > >> > > > > > > password >> > > > > > > >> > > > > > > > > > would be verified in that way. Since we use Shibboleth >> with >> > > >> > > our >> > > >> > > > > VCL >> > > > > >> > > > > > > > > > installation, the web application (neither the VCL nor >> any >> > > > > > > > > > remote webapp) will know anything about what >> constitutes a >> > > > > > > > > > valid >> > > > > >> > > > > password, >> > > > > >> > > > > > > so >> > > > > > > >> > > > > > > > > > I ended up modifying the 'checkAccess()' function in >> > > > > > > > > > .ht-inc/utils.php. If this is relevant for your >> > > >> > > installation, I >> > > >> > > > > can >> > > > > >> > > > > > > > > > explain further how this is done. >> > > > > > > > > > >> > > > > > > > > > The remote API allows me, for instance, to embed the VCL >> > > >> > > inside >> > > >> > > > > > > > > > other web applications (such as our campus learning >> > > >> > > management >> > > >> > > > > > > > > > system), without requiring students to login to the main >> > > > > > > > > > VCL site when they want to make and connect to their >> > > >> > > reservations. >> > > >> > > > > > > > > > Best regards, >> > > > > > > > > > Aaron >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > On Nov 29, 2011, at 6:08 PM, Mani Shafa'atDoost wrote: >> > > > > > > > > > >> > > > > > > > > > Josh, >> > > > > > > > > > >> > > > > > > > > > Thank you. Do you have any proper documentation for >> > > > > > > > > > functions >> > > > > >> > > > > that >> > > > > >> > > > > > > you >> > > > > > > >> > > > > > > > > > provided by XML RPC? >> > > > > > > > > > >> > > > > > > > > > Best Regards >> > > > > > > > > > Mani >> > > > > > > > > > >> > > > > > > > > > On Tue, Nov 29, 2011 at 4:32 PM, Josh Thompson >> > > > > > > > >> > > > > > > > <josh_thomp...@ncsu.edu>wrote: >> > > > > > > > > >> Mani, >> > > > > > > > > >> >> > > > > > > > > >> Unfortunately, the example code is way out of date and >> > > > > > > > > >> uses API version 1 which is no longer supported. >> > > >> > > > > > > > > >> A more current example, though in python, is available >> here: >> > > https://svn.apache.org/repos/asf/incubator/vcl/sandbox/useful_scripts >> > > >> > > > > > > / >> > > > > > > >> > > > > > > > > >> ma nagegroups.py >> > > > > > > > > >> >> > > > > > > > > >> Josh >> > > > > > > > > >> >> > > > > > > > > >> On Sunday November 20, 2011, Mani Shafa'atDoost wrote: >> > > > > > > > > >> > Hello, >> > > > > > > > > >> > >> > > > > > > > > >> > I just used your sample file to use VCL through >> XMLRPC, >> > > >> > > but >> > > >> > > > > > > > > >> > I received following error : >> > > > > > > > > >> > >> > > > > > > > > >> > *Notice*: xmlrpc: Unsupported API version, cannot >> > > >> > > continue. >> > > >> > > > > > > > > >> > I just modified username and password in your sample >> PHP >> > > > > >> > > > > file. I >> > > > > >> > > > > > > > > >> > will appreciate if you could guide me. >> > > > > > > > > >> > >> > > > > > > > > >> > >> > > > > > > > > >> > Best Regards >> > > > > > > > > >> > >> > > > > > > > > >> > Mani >> > > > > > > > > >> >> > > > > > > > > >> - -- >> > > > > > > > > >> - ------------------------------- >> > > > > > > > > >> Josh Thompson >> > > > > > > > > >> VCL Developer >> > > > > > > > > >> North Carolina State University >> > > > > > > > > >> >> > > > > > > > > >> my GPG/PGP key can be found at pgp.mit.edu >> - -- >> - ------------------------------- >> Josh Thompson >> VCL Developer >> North Carolina State University >> >> my GPG/PGP key can be found at pgp.mit.edu >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v2.0.17 (GNU/Linux) >> >> iEYEARECAAYFAk7Y2tkACgkQV/LQcNdtPQOeaACeIQyNlnfj4NqtXi+H7w7V3RpB >> UXYAnjFjKVM84vf35tO8q7ODCmnmjZc+ >> =v1tY >> -----END PGP SIGNATURE----- >> > >
