Massimo,
The webfaction server is Linux based and uses Apache as the web server.
Additionally, below are the commands I used to test via a python console:
--------------------------------------
The original app (from which the test was derived)
import xmlrpclib
rserver =
xmlrpclib.Server("http://[email protected]:[email protected]/i
nit/default/call/xmlrpc")
rserver.getmeetings()
lserver =
xmlrpclib.Server("http://[email protected]:[email protected]:8000/mm_beta_
1/default/call/xmlrpc")
lserver.getmeetings()
------------------------------------
The test app I sent last evening
tserver =
xmlrpclib.Server("http://[email protected]:[email protected]:8000/svctest/
default/call/xmlrpc")
tserver.getmeetings()
rserver =
xmlrpclib.Server("http://[email protected]:[email protected]/w
elcome/default/call/xmlrpc")
rserver.getmeetings()
-----Original Message-----
From: David Waldrop [mailto:[email protected]]
Sent: Sunday, October 24, 2010 5:35 PM
To: [email protected]
Subject: RE: [web2py] Re: confused about services and authorization
Its the standard webfaction config, web2py and python installed using their
scripts.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
mdipierro
Sent: Sunday, October 24, 2010 5:15 PM
To: web2py-users
Subject: [web2py] Re: confused about services and authorization
Can you also tell us more about the production server? What web server? Os?
On Oct 24, 3:52 pm, "David Waldrop" <[email protected]> wrote:
> Massimo, Thanks. This is absolutely maddening. Attached is simple
> app. It exposes 1 service "getmeetings" located in the mm_services
> model. The db.py file includes the statement:
>
> auth.settings.allow_basic_login = True
>
> and the default/call function is decorated to require login.
>
> The app behaves correctly when running on my local machine, but always
> returns 303 when invoked on the production server.
>
> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On
> Behalf Of
>
> mdipierro
> Sent: Sunday, October 24, 2010 4:17 PM
> To: web2py-users
> Subject: [web2py] Re: confused about services and authorization
>
> please email me a minimalist program to reproduce the problem and I
> will debug it.
>
> On Oct 24, 2:32 pm, David Waldrop <[email protected]> wrote:
> > Even more confusion. I can get it to work on dev environment by
> > reverting to the original decorator on call
>
> > #...<http://groups.google.com/groups/unlock?_done=/group/web2py/brow
> > se
> > _thr...>
> > @auth.requires(auth.user)
> > @auth.requires_login()
> > def call():
> > """
> > exposes services. for example:
> >
> >http://..../<http://www.google.com/url?sa=D&q=http://..../&usg=AFQjCN
> >H
> > TjjhgMOeO9jl...>
> > [app]/default/call/jsonrpc
> > decorate with @services.jsonrpc the functions to expose
> > supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv
> > """
> > session.forget()
> > return service()
>
> > This works on the local/dev machine. By work I meant i get the
> > expected result when valid credentials are passed, and a 303 when
> > invalid is passed!!! I cannot get it to work on the production
> > system. If I comment out the authorization decorator all together
> > the service is invoked thereby isolating the problem to the way the
> > credentials are passed/handled. The code is Identical so it must
> > be something in the environmental setup. Any ideas?
>
> > On Sun, Oct 24, 2010 at 2:57 PM, david.waldrop
> <[email protected]>wrote:
>
> > > Cancel that it DOES NOT work on local either. In the previous
> > > post it worked I believe because I still had the old controller.
> > > Now that I have deleted the controller puttilng the call function
> > > back in the default controller, and moving the getmeeting function
> > > to a model file, i am not able to access in the dev server or the
> > > productiontion server. I am 100% sure the credentials are
> > > correct, but cannot figure out why the authentication is not
happening.
>
> > > On Oct 24, 2:13 pm, "David Waldrop" <[email protected]> wrote:
> > > > Massimo, moving the function out of the controller enabled me to
> > > > successfully invoke the function via xmlrpc on my development
> > > > machine,
> > > but
> > > > not on the production version. In the forum I see that this
> > > > (303) supposedly indicates invalid authorization, but the
> > > > testing credentials
> > > are
> > > > valid on both sites. I did so by issuing the following at the
> > > > python
> > > > console:
>
> > > > Python 2.6.6 (r266:84297, Aug 24 2010, 18:46:32) [MSC v.1500 32
> > > > bit
> > > (Intel)]
> > > > on
> > > > win32
> > > > Type "help", "copyright", "credits" or "license" for more
information.
>
> > > > >>> import xmlrpclib
> > > > >>> server =
>
> > > > xmlrpclib.Server("http://[email protected]:[email protected]
> > > > gm
> > > > on
> > > > key.net/init/default/call/xmlrpc")
>
> > > > >>> server2 =
>
> > > > xmlrpclib.Server("http://[email protected]:[email protected]:
> > > > 80
> > > > 0
> > > > 0/mm_beta_1/default/call/xmlrpc")
>
> > > > >>> server.getmeetings()
>
> > > > Traceback (most recent call last):
> > > > File "<stdin>", line 1, in <module>
> > > > File "C:\Python26\lib\xmlrpclib.py", line 1199, in __call__
> > > > return self.__send(self.__name, args)
> > > > File "C:\Python26\lib\xmlrpclib.py", line 1489, in __request
> > > > verbose=self.__verbose
> > > > File "C:\Python26\lib\xmlrpclib.py", line 1243, in request
> > > > headers
> > > > xmlrpclib.ProtocolError: <ProtocolError for
> > > > [email protected]:[email protected]
> > > > ingmonkey.net/init/default/call/xmlrpc: 303 SEE OTHER>
>
> > > > >>> server2.getmeetings()
>
> > > > 'you are logged in!'
>
> > > > Do I need to enables something special in the environment other
> > > > than auth.settings.allow_basic_login = True, which is already set.
> > > > Alos, is
> > > this
> > > > a recommended way of passing credentials to a web2py services,
> > > > it seems
> > > as
> > > > if they may be exposed in the clear during transport???
>
> > > > /david
>
> > > > -----Original Message-----
> > > > From: [email protected] [mailto:[email protected]]
> > > > On Behalf
> > > Of
>
> > > > mdipierro
> > > > Sent: Sunday, October 24, 2010 1:38 PM
> > > > To: web2py-users
> > > > Subject: [web2py] Re: confused about services and authorization
>
> > > > I am not sure you should register services in controller, unless
> > > > you also want to expose them as actions. I normally put them in
> > > > a
> model.
> > > > Anyway...
>
> > > > @service.xmlrpc
> > > > @service.jsonrpc
> > > > @service.whetever
>
> > > > register a function as a service
>
> > > > def call(): return service()
>
> > > > simply exposes all services.
>
> > > > You can do
>
> > > > @auth.requires(auth.user)
> > > > def call(): return service()
>
> > > > and you will get an unauthorized error
>
> > > > On Oct 24, 11:19 am, "david.waldrop" <[email protected]>
wrote:
> > > > > I have spent the bulk of last evening and this morning trying
> > > > > to test web2py services and authorization. In addition to
> > > > > setting auth.settings.allow_basic_login = True I have deleted
> > > > > the "call function" in the default controller, created a
> > > > > seperate controller "mmservices",and and populated with the
following code:
>
> > > > > @auth.requires_login()
> > > > > def call():
> > > > > """
> > > > > exposes services. for example:
> > > > > http://..../[app]/default/call/jsonrpc
> > > > > decorate with @services.jsonrpc the functions to expose
> > > > > supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv
> > > > > """
> > > > > session.forget()
> > > > > return service()
>
> > > > > @service.xmlrpc
> > > > > def getmeetings():
> > > > > if auth.is_logged_in():
> > > > > return 'you are logged in!'
> > > > > else:
> > > > > return 'NO DICE'
>
> > > > > @service.xmlrpc
> > > > > def test(insink):
> > > > > if auth.is_logged_in():
> > > > > return 'test: you are logged in!'
> > > > > else:
> > > > > return 'test: NO DICE'
>
> > > > > My questions are:
>
> > > > > 1) what is the purpose of the "call" function? I see that it
> > > > > is part of the proxy when invoking, but am not sure where it
> > > > > gets invoked or what it does. Does there need to be a
> > > > > separate call for each web- service function (as I saw in a forum
post)?
>
> > > > > 2) when i
> > > > > enterhttp://www.meetingmonkey.net/init/mmservices/getmeetings
> > > > > without logging in I get "no dice". I suspect this is due to
> > > > > the fact that I am accessing the function because it is in a
> > > > > controller. This is not the desired behavior as I want to
> > > > > ensure the user has logged in before getting access to the
> > > > > function. Is there a complete example of the best practice
> > > > > for implementing web-services including where to put various
> > > > > parts of
> code?
>
> > > > > 3) when I
> > > > > enterhttp://www.meetingmonkey.net/init/mmservices/call/xmlrpc/
> > > > > ge tmeeti ngs without logging 8in I am redirected to the login
> > > > > page. I would rather just return an unauthorized error, but
> > > > > do not know how to do?
>
> > --
> > [email protected] | 301.526.9500
>
>
>
> web2py.app.svctest.w2p
> 1006KViewDownload
