From: robert mena on
Hi,

I am trying to access a webservice using php's soapclient but I keep getting
the error SoapFault exception: [HTTP] Unauthorized

If I try using a web browser I can authenticate using the same credentials
used by the php code.

I've searched but the only mention that I found led to a 'won't fix' bug
registered to php 5.1.6. I am using 5.2.10.

Any ideas of what may be causing this? Is there a workaround?

Regards.
From: Richard Quadling on
On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote:
> Hi,
>
> I am trying to access a webservice using php's soapclient but I keep getting
> the error SoapFault exception: [HTTP] Unauthorized
>
> If I try using a web browser I can authenticate using the same credentials
> used by the php code.
>
> I've searched but the only mention that I found led to a 'won't fix' bug
> registered to php 5.1.6.  I am using 5.2.10.
>
> Any ideas of what may be causing this?  Is there a workaround?
>
> Regards.
>

Can you show the SoapClient construction you are using?

The documentation says that you can supply HTTP authentication [1] ...

"For HTTP authentication, the login and password options can be used
to supply credentials. For making an HTTP connection through a proxy
server, the options proxy_host, proxy_port, proxy_login and
proxy_password are also available. For HTTPS client certificate
authentication use local_cert and passphrase options. An
authentication may be supplied in the authentication option. The
authentication method may be either SOAP_AUTHENTICATION_BASIC
(default) or SOAP_AUTHENTICATION_DIGEST."

There was recent activity on a Soap Authorisation Header bug [2].

If this issue is appropriate, you can try a building your code code
from SVN (no win32 snapshots for a LONG time now).

Regards,

Richard.

[1] http://docs.php.net/manual/en/soapclient.soapclient.php
[2] http://bugs.php.net/bug.php?id=50976
--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling
From: robert mena on
Hi,

I'll have a look. I am using Zend Framework's Zend_Soap_Client which in
turn uses SoapClient. I'll try to use SoapClient directly.

I am not using https and I am not going through a proxy (using a non
standard port). I've tested with another SOAP client (a standalone
application called SoapUI) without a problem.

Is there anyone using SoapClient (or Zend_Soap_Client) with auth with
success? What other library (that does not use SoapClient) could I try?

On Mon, Jun 28, 2010 at 6:27 AM, Richard Quadling <rquadling(a)gmail.com>wrote:

> On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote:
> > Hi,
> >
> > I am trying to access a webservice using php's soapclient but I keep
> getting
> > the error SoapFault exception: [HTTP] Unauthorized
> >
> > If I try using a web browser I can authenticate using the same
> credentials
> > used by the php code.
> >
> > I've searched but the only mention that I found led to a 'won't fix' bug
> > registered to php 5.1.6. I am using 5.2.10.
> >
> > Any ideas of what may be causing this? Is there a workaround?
> >
> > Regards.
> >
>
> Can you show the SoapClient construction you are using?
>
> The documentation says that you can supply HTTP authentication [1] ...
>
> "For HTTP authentication, the login and password options can be used
> to supply credentials. For making an HTTP connection through a proxy
> server, the options proxy_host, proxy_port, proxy_login and
> proxy_password are also available. For HTTPS client certificate
> authentication use local_cert and passphrase options. An
> authentication may be supplied in the authentication option. The
> authentication method may be either SOAP_AUTHENTICATION_BASIC
> (default) or SOAP_AUTHENTICATION_DIGEST."
>
> There was recent activity on a Soap Authorisation Header bug [2].
>
> If this issue is appropriate, you can try a building your code code
> from SVN (no win32 snapshots for a LONG time now).
>
> Regards,
>
> Richard.
>
> [1] http://docs.php.net/manual/en/soapclient.soapclient.php
> [2] http://bugs.php.net/bug.php?id=50976
> --
> -----
> Richard Quadling
> "Standing on the shoulders of some very clever giants!"
> EE : http://www.experts-exchange.com/M_248814.html
> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
> ZOPA : http://uk.zopa.com/member/RQuadling
>
From: Richard Quadling on
On 28 June 2010 22:37, robert mena <robert.mena(a)gmail.com> wrote:
> Hi,
> I'll have a look.  I am using Zend Framework's Zend_Soap_Client which in
> turn uses SoapClient.  I'll try to use SoapClient directly.
> I am not using https and I am not going through a proxy (using a non
> standard port).  I've tested with another SOAP client (a standalone
> application called SoapUI) without a problem.
>
> Is there anyone using SoapClient (or Zend_Soap_Client) with auth with
> success?   What other library (that does not use SoapClient) could I try?
> On Mon, Jun 28, 2010 at 6:27 AM, Richard Quadling <rquadling(a)gmail.com>
> wrote:
>>
>> On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote:
>> > Hi,
>> >
>> > I am trying to access a webservice using php's soapclient but I keep
>> > getting
>> > the error SoapFault exception: [HTTP] Unauthorized
>> >
>> > If I try using a web browser I can authenticate using the same
>> > credentials
>> > used by the php code.
>> >
>> > I've searched but the only mention that I found led to a 'won't fix' bug
>> > registered to php 5.1.6.  I am using 5.2.10.
>> >
>> > Any ideas of what may be causing this?  Is there a workaround?
>> >
>> > Regards.
>> >
>>
>> Can you show the SoapClient construction you are using?
>>
>> The documentation says that you can supply HTTP authentication [1] ...
>>
>> "For HTTP authentication, the login and password options can be used
>> to supply credentials. For making an HTTP connection through a proxy
>> server, the options proxy_host, proxy_port, proxy_login and
>> proxy_password are also available. For HTTPS client certificate
>> authentication use local_cert and passphrase options. An
>> authentication may be supplied in the authentication option. The
>> authentication method may be either SOAP_AUTHENTICATION_BASIC
>> (default) or SOAP_AUTHENTICATION_DIGEST."
>>
>> There was recent activity on a Soap Authorisation Header bug [2].
>>
>> If this issue is appropriate, you can try a building your code code
>> from SVN (no win32 snapshots for a LONG time now).
>>
>> Regards,
>>
>> Richard.
>>
>> [1] http://docs.php.net/manual/en/soapclient.soapclient.php
>> [2] http://bugs.php.net/bug.php?id=50976
>> --
>> -----
>> Richard Quadling
>> "Standing on the shoulders of some very clever giants!"
>> EE : http://www.experts-exchange.com/M_248814.html
>> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
>> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
>> ZOPA : http://uk.zopa.com/member/RQuadling
>
>

If you have got a working setup, then use a tool like WireShark to
watch what is happening on the wire. You'll be able to see the exact
conversation and see what headers are being sent and received.

Ideally the requests should be as identical as possible (same
criteria, security, etc.) to make the comparison easier.

Richard.

--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling
From: Richard Quadling on
On 28 June 2010 22:37, robert mena <robert.mena(a)gmail.com> wrote:
> Hi,
> I'll have a look.  I am using Zend Framework's Zend_Soap_Client which in
> turn uses SoapClient.  I'll try to use SoapClient directly.
> I am not using https and I am not going through a proxy (using a non
> standard port).  I've tested with another SOAP client (a standalone
> application called SoapUI) without a problem.
>
> Is there anyone using SoapClient (or Zend_Soap_Client) with auth with
> success?   What other library (that does not use SoapClient) could I try?
> On Mon, Jun 28, 2010 at 6:27 AM, Richard Quadling <rquadling(a)gmail.com>
> wrote:
>>
>> On 26 June 2010 23:46, robert mena <robert.mena(a)gmail.com> wrote:
>> > Hi,
>> >
>> > I am trying to access a webservice using php's soapclient but I keep
>> > getting
>> > the error SoapFault exception: [HTTP] Unauthorized
>> >
>> > If I try using a web browser I can authenticate using the same
>> > credentials
>> > used by the php code.
>> >
>> > I've searched but the only mention that I found led to a 'won't fix' bug
>> > registered to php 5.1.6.  I am using 5.2.10.
>> >
>> > Any ideas of what may be causing this?  Is there a workaround?
>> >
>> > Regards.
>> >
>>
>> Can you show the SoapClient construction you are using?
>>
>> The documentation says that you can supply HTTP authentication [1] ...
>>
>> "For HTTP authentication, the login and password options can be used
>> to supply credentials. For making an HTTP connection through a proxy
>> server, the options proxy_host, proxy_port, proxy_login and
>> proxy_password are also available. For HTTPS client certificate
>> authentication use local_cert and passphrase options. An
>> authentication may be supplied in the authentication option. The
>> authentication method may be either SOAP_AUTHENTICATION_BASIC
>> (default) or SOAP_AUTHENTICATION_DIGEST."
>>
>> There was recent activity on a Soap Authorisation Header bug [2].
>>
>> If this issue is appropriate, you can try a building your code code
>> from SVN (no win32 snapshots for a LONG time now).
>>
>> Regards,
>>
>> Richard.
>>
>> [1] http://docs.php.net/manual/en/soapclient.soapclient.php
>> [2] http://bugs.php.net/bug.php?id=50976
>> --
>> -----
>> Richard Quadling
>> "Standing on the shoulders of some very clever giants!"
>> EE : http://www.experts-exchange.com/M_248814.html
>> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
>> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
>> ZOPA : http://uk.zopa.com/member/RQuadling
>
>

You can, of course, do it all yourself with cURL or sockets, but I
believe the overhead would be significant.

I think in the first instance, can we see the code you are using to
make the request?

I use the Zend_Soap_[Client|Server|WSDL|AutoDiscovery] but not with
external Auth (like you are wanting). Instead, one of my services is
the auth service (username is sent plain text and password is sent MD5
with a nonce - I believe the principle is sound. I chose this as I was
being REALLY lazy in not learning about how to do Auth any other way.

Richard.


--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling