Slight correction to question #3 below: > How exactly custom handler (for a header) can be defined within server > implementation? And how server can enforce (*require*) given header to be > present in all client requests?
- Val Kind regards, Valeriy Pogrebitskiy [email protected] > On Aug 5, 2015, at 4:33 PM, Valeriy Pogrebitskiy <[email protected]> wrote: > > Mariano, ‘pysimplesoap’ community support - > > I am evaluating use of ‘pysimplesoap’ framework. In particular, I have > following POC (“proof of concept”) request: > > “develop a SOAP Server that talks to both MySQL and Oracle databases and uses > the standard AT&T CommonHeader. Must understand the mustunderstand attribute. > Object oriented and must not just use strings of XML ” > > Common header referenced is just a standard ‘wise:Security’ header: > > <soapenv:Header> > <wsse:Security soapenv:mustUnderstand="1" > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>"> > <wsse:UsernameToken wsu:Id="UsernameToken-29" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd>"> > <wsse:Username>Username</wsse:Username> > <wsse:Password > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText > > <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText>">Password</wsse:Password> > </wsse:UsernameToken> > </wsse:Security> > </soapenv:Header> > > > I am trying to use ‘pysimplesoap’ to implement this POC… > > Since there is no good documentation (other than very simple and limited > online wiki samples), I need help understanding how to implement the > “mustUnderstand” requirement. From what I was told, adding “mustUnderstand” > attribute to a header - *must* result in that header being processed by the > server, and if error occurs (or if there is no corresponding actor to process > given header at all), exception must be raised. > > I encountered two separate problems with “mustUnderstand” header attribute: > > wsse.UserameToken generates header without “mustUnderstand” attribute (when > used from test client). I did not find an obvious way of adding this > attribute - without overriding UsernameToken.preprocess() method > Even after I did manage to add “mustUnderstand” attribute to wsse:Security > header - I am not sure how to define a handler (within server implementation) > to handle (process) this header. But what’s even more worrisome - is that > without corresponding handler, I *do not* get exception raised! I even tested > with some arbitrary (custom) header that I added within client module (which > includes ‘mustUnderstand=1’ attribute), and still did not get exception... > > > So questions are: > > How is it possible to add arbitrary attribute to a header (that’s already > defined)? Specifically - how ‘mustUnderstand’ can be added to > wsse.UsernameToken without overriding that class? > Why server implementation does not raise exception when ‘mustUnderstand’ > attribute is set to true in the header, and there is no appropriate handler > to process that header? > How exactly custom handler (for a header) can be defined within server > implementation? > > > Please help! > > > - Val > > Kind regards, > > Valeriy Pogrebitskiy > [email protected] <mailto:[email protected]> > >
_______________________________________________ Soap mailing list [email protected] https://mail.python.org/mailman/listinfo/soap
