From: Jared dot Williams1 at ntlworld dot com Operating system: Windows 2000/IIS PHP version: 5CVS-2005-01-28 (dev) PHP Bug Type: SOAP related Bug description: SOAP Digest Authentication
Description: ------------ This is related to http://bugs.php.net/bug.php?id=28041 Using the php5.0-win32-200501280930 snapshot, still seem unable to use Digest Authentication against labs.zap2it.com. Request Headers: POST /tvlistings/xtvdService HTTP/1.1 Host: datadirect.webservices.zap2it.com Connection: Keep-Alive User-Agent: PHP SOAP 0.1 Content-Type: text/xml; charset=utf-8 SOAPAction: "urn:TMSWebServices:xtvdWebService#download" Content-Length: 584 Authorization: Basic ******************* Does appear to be sending Basic authentication details, even thou the service requests only digest. (Security issue). WWW-Authenticate Digest realm="TMSWebServiceRealm", nonce="********************************************************************************", opaque="****************", algorithm=MD5, qop="auth" Reproduce code: --------------- $client = new SoapClient('xtvd.wsdl', array( 'trace' => 1, 'exceptions' => 0, 'login' => USER, 'password' => PASSWORD)); $result = $client->download(time() - 60*3, time() + 60*60*12); echo "<pre>\n"; echo "Response Headers:\n", htmlspecialchars($client->__getLastResponseHeaders()), "\n"; echo "Response:\n", htmlspecialchars($client->__getLastResponse()),"\n"; echo "</pre>"; ?> Expected result: ---------------- XML listings Actual result: -------------- Response Headers: HTTP/1.1 100 Continue Date: Fri, 28 Jan 2005 18:41:23 GMT Server: Orion/2.0.2 Response: <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY><H1>401 Unauthorized</H1></BODY></HTML> -- Edit bug report at http://bugs.php.net/?id=31747&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=31747&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=31747&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=31747&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=31747&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=31747&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=31747&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=31747&r=needscript Try newer version: http://bugs.php.net/fix.php?id=31747&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=31747&r=support Expected behavior: http://bugs.php.net/fix.php?id=31747&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=31747&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=31747&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=31747&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=31747&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=31747&r=dst IIS Stability: http://bugs.php.net/fix.php?id=31747&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=31747&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=31747&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=31747&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=31747&r=mysqlcfg
