-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mani,

It is definitely using https.  I think what you referenced below is just 
configuration of the http protocol, which would be the same for http and 
https.  If I was trying to do what you are doing, I'd set up a test VM 
somewhere with a really simple php script that has a single XMLRPC function 
that is not using SSL.  Then, I'd work on making a java class that can work 
with that and also send additional http headers.

Josh

On Saturday December 03, 2011, Mani Shafa'atDoost wrote:
> Josh,
> 
> Thank you. Problem is that I am using a test account from
> http://vcl.ncsu.edu/ and I can't disable SSL, but as far as I know you are
> using http requests not https:
> 
>         $context = stream_context_create(
>                 array(
>                         '*http*' => array(
>                                 'method' => "POST",
>                                 'header' => $header,
>                                 'content' => $request
>                         )
>                 )
>         );
> 
> I tried XML standard queries but I receive permission denied error, I don't
> know if the problem is with (http,https) or with my queries. I guess they
> have some more information in their request.
> By the way, do you know how can I know what this function sends to server :
> file_get_contents(self::VCLHOST.$location, false, $context)
> 
> 
> Best Regards
> Mani
> 
> On Fri, Dec 2, 2011 at 9:04 AM, Josh Thompson <josh_thomp...@ncsu.edu>wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Mani,
> > 
> > The frontend code is not using Cookie for anything when the XMLRPC API is
> > used.
> > 
> > I'm not actually sure about the XML part.  All of the XMLRPC code is just
> > using php's built in XMLRPC stuff:
> > 
> > http://us.php.net/manual/en/book.xmlrpc.php
> > 
> > Almost all of the XMLRPC related code is in xmlrpcWrappers.php.  The only
> > part
> > that isn't in that file is in utils.php where the functions are
> > registered (xmlrpccall) and called (xmlRPChandler).
> > 
> > You may be able to disable SSL and do some packet captures to actually
> > see what is getting passed back and forth.  To disable SSL, you at least
> > need to
> > remove the check and redirect for it in index.php.  I can't remember
> > offhand
> > if there is anything else you need to do.
> > 
> > Another option would be to write some simple php XMLRPC code separate
> > from VCL, but similar to it, and do packet captures with that.
> > 
> > Josh
> > 
> > On Thursday December 01, 2011, Mani Shafa'atDoost wrote:
> > > Josh,
> > > 
> > > ok, I am going to write  a wrapper class . but I need some information
> > > about your xml formating.
> > > as far as I know I should send something like this :
> > > 
> > > Content-Type: text/xml
> > > X-User:  username .
> > > X-Pass: password
> > > Cookie: something
> > > X-APIVERSION: 2
> > > 
> > > 
> > > <?xml version="1.0"?>
> > > <methodCall>
> > > 
> > >    <methodName>example</methodName>
> > >    <params>
> > >    
> > >       <param>
> > >       
> > >          <value><i4>41</i4></value>
> > >          </param>
> > >       
> > >       </params>
> > > 
> > > </methodCall>
> > > 
> > > so these are my questions:
> > > should I send cookie or it is an optional thing?
> > > in method params, which kind of params do you have? it is just int, or
> > 
> > you
> > 
> > > have boolean and string as well.
> > > also what about your answer XML. is it consists of Integer or it has
> > > some other things?
> > > 
> > > Best Regards
> > > Mani
> > > 
> > > On Thu, Dec 1, 2011 at 9:13 AM, Josh Thompson <josh_thomp...@ncsu.edu
> > >
> > >wrote:
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA1
> > > > 
> > > > Mani,
> > > > 
> > > > - From what you described, it doesn't sound like you have the option
> > > > to set additional http headers.  I remember running in to that with
> > > > one of the perl
> > > > XMLRPC libraries.  It didn't really expose a way to set additional
> > > > http headers; so, I think I had to make a new class that inherited
> > > > the provided one
> > > > with some modified functions allowing the additional headers to be
> > > > set.
> > > > 
> > > > The problem here is that I couldn't find any way of doing
> > 
> > authentication
> > 
> > > > with
> > > > XMLRPC other than basic auth, which wasn't an option in our (NCSU)
> > > > environment.  So, I added the requirement of using additional http
> > > > headers that provide the necessary authentication bits. 
> > > > Unfortunately, not all XMLRPC
> > > > libraries expose a way to set additional http headers.
> > > > 
> > > > If anyone knows of another way of doing XMLRPC authentication, please
> > 
> > let
> > 
> > > > me
> > > > know.
> > > > 
> > > > Josh
> > > > 
> > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote:
> > > > > Josh,
> > > > > 
> > > > > In java for XMLRPC calls, you have one execute function that
> > > > > accepts
> > 
> > 2
> > 
> > > > > arguments. First one is the "Method name"  and second one is a list
> > 
> > of
> > 
> > > > > parameters that we need to pass to this function. so where should I
> > 
> > put
> > 
> > > > > this header? in parameter[0]?
> > > > > Also there is a config that can be set before execute a method.
> > > > > this
> > > > 
> > > > config
> > > > 
> > > > > can set following things:
> > > > > 
> > > > > basicUserName
> > > > > basicPassword
> > > > > basicEncoding
> > > > > contentLengthOptional
> > > > > enabledForExceptions
> > > > > enabledForExtensions
> > > > > encoding
> > > > > gzipCompressing
> > > > > gzipRequesting
> > > > > 
> > > > > I know, we need to set up this header somewhere, but I am not sure
> > > > 
> > > > where. I
> > > > 
> > > > > will appreciate if you tell me which part of code is handling this
> > 
> > RPC
> > 
> > > > > request in VCL.
> > > > > 
> > > > > 
> > > > > Best Regards
> > > > > Mani
> > > > > 
> > > > > On Wed, Nov 30, 2011 at 3:22 PM, Josh Thompson
> > > > 
> > > > <josh_thomp...@ncsu.edu>wrote:
> > > > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > > > Hash: SHA1
> > > > > > 
> > > > > > Mani,
> > > > > > 
> > > > > > I'm not clear on what you are saying you are passing a first and
> > > > > > second argument to.
> > > > > > 
> > > > > > For every API call (except when calling XMLRPCaffiliations),
> > > > > > you'll
> > > > 
> > > > need
> > > > 
> > > > > > to have X-User, X-Pass, and X-APIVERSION added to the HTTP
> > > > > > headers
> > 
> > to
> > 
> > > > > > provide authentication to the vcl frontend.
> > > > > > 
> > > > > > Josh
> > > > > > 
> > > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote:
> > > > > > > Josh,
> > > > > > > 
> > > > > > > As far as I understood, I need to pass the function name as
> > > > > > > first
> > > > > > 
> > > > > > argument
> > > > > > 
> > > > > > > and for second one I need to add a list of parameters. For
> > > > > > > first
> > > > > > 
> > > > > > parameter,
> > > > > > 
> > > > > > > I need to pass Header which consist of following things:
> > > > > > > $header  = "Content-Type: text/xml\r\n";
> > > > > > > 
> > > > > > >         $header .= "X-User: " . $this->username . "\r\n";
> > > > > > >         $header .= "X-Pass: " . $this->password . "\r\n";
> > > > > > >         $header .= "Cookie: " . $_SERVER["HTTP_COOKIE"] .
> > > > > > >         "\r\n"; $header .= "X-APIVERSION: 2";
> > > > > > > 
> > > > > > > so, is it necessary to add all of these things to header?
> > > > > > > 
> > > > > > > Best Regards
> > > > > > > Mani
> > > > > > > 
> > > > > > > On Wed, Nov 30, 2011 at 1:28 PM, Josh Thompson
> > > > > > 
> > > > > > <josh_thomp...@ncsu.edu>wrote:
> > > > > > > > Mani,
> > > > > > > > 
> > > > > > > > I forgot that there is a third http header that is always
> > > > > > > > required
> > > > 
> > > > -
> > > > 
> > > > > > > > X-APIVERSION.  You'd even need that set when calling
> > > > > > 
> > > > > > XMLRPCaffiliations.
> > > > > > 
> > > > > > > > Josh
> > > > > > > > 
> > > > > > > > On Wednesday November 30, 2011, Josh Thompson wrote:
> > > > > > > > > Mani,
> > > > > > > > > 
> > > > > > > > > I haven't done much with java, and what I have done was
> > > > > > > > > many
> > > > 
> > > > years
> > > > 
> > > > > > ago.
> > > > > > 
> > > > > > > > > Given that, it doesn't look like you are providing the
> > > > > > > > > additional custom authentication http headers X-User and
> > > > > > > > > X-Pass anywhere.
> > > > > > > > > 
> > > > > > > > > Those two additional headers are not needed for the
> > > > > > 
> > > > > > XMLRPCaffiliations
> > > > > > 
> > > > > > > > > call. So, you could try calling that to see if the
> > > > > > > > > authentication headers are your only problem.
> > > > > > > > > 
> > > > > > > > > Josh
> > > > > > > > > 
> > > > > > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote:
> > > > > > > > > > I am trying to use Java to use your system. but the
> > > > > > > > > > problem is
> > > > > > 
> > > > > > when I
> > > > > > 
> > > > > > > > try
> > > > > > > > 
> > > > > > > > > > to execute something like client.execute( "XMLRPCtest",
> > > > > > > > > > params
> > > > 
> > > > );
> > > > 
> > > > > > , I
> > > > > > 
> > > > > > > > > > receive errors.
> > > > > > > > > > Can you tell me what should I pass to this function.I
> > > > > > > > > > just attached my java class.
> > > > > > > > > > 
> > > > > > > > > > Best Regards
> > > > > > > > > > Mani
> > > > > > > > > > 
> > > > > > > > > > On Wed, Nov 30, 2011 at 8:39 AM, Aaron Coburn
> > > > > > > > > > <acob...@amherst.edu
> > > > > > > > 
> > > > > > > > wrote:
> > > > > > > > > > > Mani,
> > > > 
> > > > > > > > > > > there is documentation for the XML RPC located here:
> > > > http://people.apache.org/~jfthomps/xmlrpcdocs/xmlrpcWrappers_8php.htm
> > > > 
> > > > > > > > l
> > > > > > > > 
> > > > > > > > > > > I have been using the remote API for some time now, and
> > 
> > it
> > 
> > > > > > > > > > > works very well. To make things easier for me, I wrote
> > > > > > > > > > > a php class that encapsulates some of these functions
> > > > > > > > > > > (see attached). This class doesn't implement any of
> > > > > > > > > > > the group management features, but they
> > > > > > > > 
> > > > > > > > would
> > > > > > > > 
> > > > > > > > > > > be easy to add.
> > > > > > > > > > > 
> > > > > > > > > > > You can then use the class like this (if, for instance,
> > 
> > you
> > 
> > > > > > wanted
> > > > > > 
> > > > > > > > > > > to list the reservations for a particular user):
> > > > > > > > > > > 
> > > > > > > > > > > $vcl = new VCL($userid, $password);
> > > > > > > > > > > 
> > > > > > > > > > > if ($reservations = $vcl->getReservations()){
> > > > > > > > > > > foreach ($reservations as $r){
> > > > > > > > > > > print "<p>";
> > > > > > > > > > > print "<b>{$r['imagename']}</b> ";
> > > > > > > > > > > if ($status = $vcl->getRequestStatus($r['requestid'])){
> > > > > > > > > > > switch ($status['status']){
> > > > > > > > > > > ...
> > > > > > > > > > > }
> > > > > > > > > > > }
> > > > > > > > > > > print "</p>";
> > > > > > > > > > > }
> > > > > > > > > > > }
> > > > > > > > > > > 
> > > > > > > > > > > The authentication piece is handed off to the
> > > > > > > > > > > appropriate affiliation function in the VCL code, so
> > > > > > > > > > > if you are using
> > > > 
> > > > LDAP,
> > > > 
> > > > > > > > > > > the user's
> > > > > > > > 
> > > > > > > > password
> > > > > > > > 
> > > > > > > > > > > would be verified in that way. Since we use Shibboleth
> > 
> > with
> > 
> > > > our
> > > > 
> > > > > > VCL
> > > > > > 
> > > > > > > > > > > installation, the web application (neither the VCL nor
> > 
> > any
> > 
> > > > > > > > > > > remote webapp) will know anything about what
> > > > > > > > > > > constitutes
> > 
> > a
> > 
> > > > > > > > > > > valid
> > > > > > 
> > > > > > password,
> > > > > > 
> > > > > > > > so
> > > > > > > > 
> > > > > > > > > > > I ended up modifying the 'checkAccess()' function in
> > > > > > > > > > > .ht-inc/utils.php. If this is relevant for your
> > > > 
> > > > installation, I
> > > > 
> > > > > > can
> > > > > > 
> > > > > > > > > > > explain further how this is done.
> > > > > > > > > > > 
> > > > > > > > > > > The remote API allows me, for instance, to embed the
> > > > > > > > > > > VCL
> > > > 
> > > > inside
> > > > 
> > > > > > > > > > > other web applications (such as our campus learning
> > > > 
> > > > management
> > > > 
> > > > > > > > > > > system), without requiring students to login to the
> > > > > > > > > > > main VCL site when they want to make and connect to
> > > > > > > > > > > their
> > > > 
> > > > reservations.
> > > > 
> > > > > > > > > > > Best regards,
> > > > > > > > > > > Aaron
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > On Nov 29, 2011, at 6:08 PM, Mani Shafa'atDoost wrote:
> > > > > > > > > > > 
> > > > > > > > > > > Josh,
> > > > > > > > > > > 
> > > > > > > > > > > Thank you. Do you have any proper documentation for
> > > > > > > > > > > functions
> > > > > > 
> > > > > > that
> > > > > > 
> > > > > > > > you
> > > > > > > > 
> > > > > > > > > > > provided by XML RPC?
> > > > > > > > > > > 
> > > > > > > > > > > Best Regards
> > > > > > > > > > > Mani
> > > > > > > > > > > 
> > > > > > > > > > > On Tue, Nov 29, 2011 at 4:32 PM, Josh Thompson
> > > > > > > > > 
> > > > > > > > > <josh_thomp...@ncsu.edu>wrote:
> > > > > > > > > > >> Mani,
> > > > > > > > > > >> 
> > > > > > > > > > >> Unfortunately, the example code is way out of date and
> > > > > > > > > > >> uses API version 1 which is no longer supported.
> > > > > > > > > > >> 
> > > > > > > > > > >> A more current example, though in python, is available
> > 
> > here:
> > > > https://svn.apache.org/repos/asf/incubator/vcl/sandbox/useful_scripts
> > > > 
> > > > > > > > /
> > > > > > > > 
> > > > > > > > > > >> ma nagegroups.py
> > > > > > > > > > >> 
> > > > > > > > > > >> Josh
> > > > > > > > > > >> 
> > > > > > > > > > >> On Sunday November 20, 2011, Mani Shafa'atDoost wrote:
> > > > > > > > > > >> > Hello,
> > > > > > > > > > >> > 
> > > > > > > > > > >> > I just used your sample file to use VCL through
> > 
> > XMLRPC,
> > 
> > > > but
> > > > 
> > > > > > > > > > >> > I received following error :
> > > > > > > > > > >> > 
> > > > > > > > > > >> > *Notice*:  xmlrpc: Unsupported API version, cannot
> > > > 
> > > > continue.
> > > > 
> > > > > > > > > > >> > I just modified username and password in your sample
> > 
> > PHP
> > 
> > > > > > file. I
> > > > > > 
> > > > > > > > > > >> > will appreciate if you could guide me.
> > > > > > > > > > >> > 
> > > > > > > > > > >> > 
> > > > > > > > > > >> > Best Regards
> > > > > > > > > > >> > 
> > > > > > > > > > >> > Mani
> > > > > > > > > > >> 
> > > > > > > > > > >> - --
> > > > > > > > > > >> - -------------------------------
> > > > > > > > > > >> Josh Thompson
> > > > > > > > > > >> VCL Developer
> > > > > > > > > > >> North Carolina State University
> > > > > > > > > > >> 
> > > > > > > > > > >> my GPG/PGP key can be found at pgp.mit.edu
> > 
> > - --
> > - -------------------------------
> > Josh Thompson
> > VCL Developer
> > North Carolina State University
> > 
> > my GPG/PGP key can be found at pgp.mit.edu
- -- 
- -------------------------------
Josh Thompson
VCL Developer
North Carolina State University

my GPG/PGP key can be found at pgp.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk7ed00ACgkQV/LQcNdtPQPH/gCeJhFbdU8NJpSfgL9/SXTDsYwh
tTEAn1u7gzbq1/beQB21gSKC5fwz8Qvc
=syJd
-----END PGP SIGNATURE-----

Reply via email to