Re: Typo's I think

Mark,

Glad to hear from you again.  I am making changes according to your findings 
below.  I especially love the line of code

if (substr("Digest ", $this->incoming_headers['www-authenticate'])) {

Scott Nichol

Do not send e-mail directly to this e-mail address,
because it is filtered to accept only mail from
specific mail lists.
----- Original Message ----- 
From: "Mark Spavin" <mark@xxxxxxxxxxxxxxxxxx>
To: <nusoap-general@xxxxxxxxxxxxxxxxxxxxx>
Sent: Wednesday, April 13, 2005 3:27 PM
Subject: [Nusoap-general] Typo's I think


> Hi All,
> 
> I has been a long time since I posted here last, as the NuSOAP has been 
> working well for some time. A current piece of re-work was using a very old 
> hacked version of NuSOAP for a demonstration. The new service if more 
> productionised and has some additions, one being authentication, so I 
> decided to start with a fresh upto date version of NuSOAP. When using 
> setCredentials and checking the code I noticed the following (I am not using 
> this just noticed when passing) and I think there may be a typo as the nonce 
> is checked and default's when required, where the realm is not it is just 
> used directly
> 
> ==============================
> NuSOAP: v 1.86 2005/03/04
> Class: soap_transport_http
> Func: setCredentials(........)
>     :
>   } elseif ($authtype == 'digest') {
>    if (isset($digestRequest['nonce'])) {
> 
> should be :-
> 
>   } elseif ($authtype == 'digest') {
>    if (isset($digestRequest['realm'])) {
> 
> ==============================
> 
> The second part relates to what I think is a second typo in authentication 
> this bit I was trying to use. When I sent my basic auth everything looked 
> okay but I did not know if my connection credentials we right. The response 
> headers from the service are shown:
> 
> HTTP/1.1 401 Unauthorized
> Date: Wed, 13 Apr 2005 19:01:59 GMT
> Server: IBM_HTTP_SERVER/1.3.28.1  Apache/1.3.28 (Win32)
> WWW-Authenticate: Basic realm="Default Realm"
> Content-Length: 0
> Connection: close
> Content-Type: text/html; charset=ISO-8859-1
> Content-Language: en-US
> 
> This leading to a debug message: Got 401 Unauthorized with WWW-Authenticate: 
> Basic realm="Default Realm", this was not unexpected but the next debug 
> message was, - Server wants digest authentication.
> 
> On checking the NuSOAP code for this I found the following, the check for 
> "Digest" in the response looks a bit suspect!
> 
> ==============================
> NuSOAP: v 1.86 2005/03/04
> Class: soap_transport_http
> Func: getResponse()
>     :
>    // see if we need to resend the request with http digest authentication
>    if (isset($this->incoming_headers['www-authenticate']) && $http_status == 
> 401) {
>     $this->debug("Got 401 $http_reason with WWW-Authenticate: " . 
> $this->incoming_headers['www-authenticate']);
>     if (substr("Digest ", $this->incoming_headers['www-authenticate'])) {
> 
> Should be :-
> 
>    // see if we need to resend the request with http digest authentication
>    if (isset($this->incoming_headers['www-authenticate']) && $http_status == 
> 401) {
>     $this->debug("Got 401 $http_reason with WWW-Authenticate: " . 
> $this->incoming_headers['www-authenticate']);
>     if (strstr($this->incoming_headers['www-authenticate'],"Digest ")) {
> 
> ==============================
> 
> My authorisation still fails but the debug output is now as expected!!!!
> 
> Glad to see Scott still bashing away, the latest version digested my nested 
> WSDL's without a hitch, so far so good.
> Thanks
> Scott 
> 
> 
> 
> 
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Nusoap-general mailing list
> Nusoap-general@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/nusoap-general
>


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click