On 1/29/2007 12:32 PM, Jeroen Reijn wrote:
Hi Lars,
I'm not familiar with the WSProxy generator, but I'll try to help out
as much as possible.
Lars Huttar wrote:
Hello,
The doc page for Web Services Proxy,
http://cocoon.apache.org/2.1/userdocs/wsproxy-generator.html, says
"If the remote site requires authentication, then the developer of
the local web site has to pass the user credentials as parameters to
the WebServiceProxyGenerator."
I've searched around without success for documentation on what those
credentials parameters are called. (This is a documentation gap that
I'd be willing to correct, if I can find the right answers.)
In samples/blocks/proxy/README.txt, two parameters to wsproxy are
listed: wsproxy-method and wsproxy-session. Cool.
What I think they mean is that you will have to send them in your
request. It should look something like:
http://user:[EMAIL PROTECTED]:{port}/path
That's at least the normal http syntax of sending a username and
password with your request.
OK. Thanks for the tip. I would like to hear confirmation from somebody
who could answer authoritatively, because if so, the documentation is
misleading or unclear at best. It sounds like you're supposed to pass
those parameters to the generator, which without further elaboration
would not lead me to think I should pass them embedded in the URL.
However I can't find anything about user credentials for
authentication. Maybe the wsproxy docs mean that I should send user
credentials as *request* parameters in the src attribute of the
wsproxy generator? But that sounds like I'd have to send the password
in plaintext... right? Does this only work for http basic
authentication?
Yes I think the above method only works for basic authentication.
OK. http://cocoon.apache.org/2.1/userdocs/wsproxy-generator.html says
that WSProxy supports https protocol.
I wonder if I need to do anything special to handle certificates.
Presumably if I give the wsproxy generator an
"https://...?uname=foo&pw=bar"; url, the username and password will not
be sent in cleartext over the web.
If the answer to that is no, it's not talking about *request*
parameters, there are <map:parameter> parameters for the wsproxy
generator for username and password... then where can I find out what
they're called, or verify that they're recognized?
No as far as I can see in the source code of the generator you cannot
explicitly specify the username and password.
This generalizes to a question I've often had, when the Cocoon docs
don't list the parameters for a sitemap component: how do you find
out what they are? The Javadoc for the component class (e.g.
http://cocoon.apache.org/2.1/apidocs/org/apache/cocoon/generation/WebServiceProxyGenerator.html)
generally doesn't tell you, unless somebody thought to enter it in
the description. All you get is the fact that the setup() method
takes a "Parameters" argument.
Did you look at the generator tutorial page?
http://cocoon.apache.org/2.1/tutorial/tutorial-generator.html
It describes a bit what the Parameters object does.
I understand that the Parameters object contains a list of sitemap
parameters. My point was that the javadoc for the generator class
doesn't document what sitemap parameters a generator looks for.
Anyway, having found the source file at
src\blocks\proxy\java\org\apache\cocoon\generation\WebServiceProxyGenerator.java,
I searched for "parameter".
There is definitely recognition of the wsproxy-method parameter:
this.configuredHttpMethod = par.getParameter("wsproxy-method",
METHOD_GET);
However, I can find no mention of wsproxy-session. Does this mean the
README.txt is wrong? (Surely the wsproxy-session parameter isn't
processed by some other class?)
I wasn't able to find the wsproxy-session as well. It might be that
the README.txt file is outdated?
On the more general level, am I looking in the right place to find
definitive information about parameters for a sitemap component?
Yes looking at some code and perhaps trying to create your own
component always works out best for me.
I guess you missed this page, which explains a bit how to create your
own sitemap component (in this case a generator).
http://cocoon.apache.org/2.1/tutorial/tutorial-generator.html
OK, I've looked at it now.
It confirms that I was looking for the right things in the source code
to discover what sitemap parameters wsproxy recognizes. Thanks.
If the wsproxy generator can't handle user authentication, I'd like
to find out if the file generator or HTML generator can. But none of
the documentation pages for these generators lists parameters for
authentication. Any hints?
I'm not 100% sure, but I think most generators can handle basic
authentication like I described above.
OK. An earlier email (July 27, 2006) on this list from Thomas Soddemann
said,
In principle, the authentication parameters for BASIC AUTH go into the
HTTP header.
E.g. have a look at
http://www.w3.org/Protocols/HTTP/1.0/draft-ietf-http-spec.html#AA
The Web Services Proxy Generator supports different style of
authentication, ...
... which suggests that normally, authentication parameters would not go
in the URL. I will email him directly to see if he knows how wsproxy
does it.
If anybody else can tell me for sure, I would appreciate it.
Lars
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
