SOAP with fancy HTTPS requirements
in [Python]
|
Prev: Simple hack to get $500 to your home.
Next: How to run a python script with a configuration file at command line ?
From: Andreas Jung on 3 Jun 2010 11:23 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there, I need to implement the following: sending SOAP requests and receiving SOAP responses over HTTPS with - authentication based on client-certificates _and_ basic authorization - verification of the server cert The client cert is protected with a passphrase and there must be some mechanism for passing the passphrase to Python. Is there some SOAP module doing this out-of-the-box? I tried myself with httplib.HTTPSConnection what I could not find a way passing the passphrase to the HTTPSConnection..Python always pops up with an input for the passphrase (likely this is coming from OpenSSL). Any ideas? Andreas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkwHyPMACgkQCJIWIbr9KYzFMACfXtDzm+XnpdINf1TjG7EFazp6 PUUAnieOZ4pMH2Ss1TIKyCXF59jugfO8 =FrTY -----END PGP SIGNATURE-----
From: exarkun on 3 Jun 2010 11:50
On 03:23 pm, lists(a)zopyx.com wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Hi there, > >I need to implement the following: > >sending SOAP requests and receiving SOAP responses >over HTTPS with > >- authentication based on client-certificates _and_ basic authorization >- verification of the server cert > >The client cert is protected with a passphrase and there must be some >mechanism for passing the passphrase to Python. > >Is there some SOAP module doing this out-of-the-box? > >I tried myself with httplib.HTTPSConnection what I could not find a way >passing the passphrase to the HTTPSConnection..Python always pops up >with an input for the passphrase (likely this is coming from OpenSSL). > >Any ideas? You'll find this easier with one of the third-party SSL libraries, like M2Crypto or pyOpenSSL. The stdlib SSL support is fairly minimal. For example, I *don't* see any support for passphrase-protected private keys in the Python 2.6 SSL APIs. Compare this to the pyOpenSSL API load_privatekey, which accepts the passphrase as an argument: http://packages.python.org/pyOpenSSL/openssl-crypto.html Or lets you specify a callback which will be called whenever a passphrase is required, set_passwd_cb: http://packages.python.org/pyOpenSSL/openssl-context.html Jean-Paul |