-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mani,
The frontend code is not using Cookie for anything when the XMLRPC API is used. I'm not actually sure about the XML part. All of the XMLRPC code is just using php's built in XMLRPC stuff: http://us.php.net/manual/en/book.xmlrpc.php Almost all of the XMLRPC related code is in xmlrpcWrappers.php. The only part that isn't in that file is in utils.php where the functions are registered (xmlrpccall) and called (xmlRPChandler). You may be able to disable SSL and do some packet captures to actually see what is getting passed back and forth. To disable SSL, you at least need to remove the check and redirect for it in index.php. I can't remember offhand if there is anything else you need to do. Another option would be to write some simple php XMLRPC code separate from VCL, but similar to it, and do packet captures with that. Josh On Thursday December 01, 2011, Mani Shafa'atDoost wrote: > Josh, > > ok, I am going to write a wrapper class . but I need some information > about your xml formating. > as far as I know I should send something like this : > > Content-Type: text/xml > X-User: username . > X-Pass: password > Cookie: something > X-APIVERSION: 2 > > > <?xml version="1.0"?> > <methodCall> > <methodName>example</methodName> > <params> > <param> > <value><i4>41</i4></value> > </param> > </params> > </methodCall> > > so these are my questions: > should I send cookie or it is an optional thing? > in method params, which kind of params do you have? it is just int, or you > have boolean and string as well. > also what about your answer XML. is it consists of Integer or it has some > other things? > > Best Regards > Mani > > On Thu, Dec 1, 2011 at 9:13 AM, Josh Thompson <josh_thomp...@ncsu.edu>wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Mani, > > > > - From what you described, it doesn't sound like you have the option to > > set additional http headers. I remember running in to that with one of > > the perl > > XMLRPC libraries. It didn't really expose a way to set additional http > > headers; so, I think I had to make a new class that inherited the > > provided one > > with some modified functions allowing the additional headers to be set. > > > > The problem here is that I couldn't find any way of doing authentication > > with > > XMLRPC other than basic auth, which wasn't an option in our (NCSU) > > environment. So, I added the requirement of using additional http > > headers that provide the necessary authentication bits. Unfortunately, > > not all XMLRPC > > libraries expose a way to set additional http headers. > > > > If anyone knows of another way of doing XMLRPC authentication, please let > > me > > know. > > > > Josh > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote: > > > Josh, > > > > > > In java for XMLRPC calls, you have one execute function that accepts 2 > > > arguments. First one is the "Method name" and second one is a list of > > > parameters that we need to pass to this function. so where should I put > > > this header? in parameter[0]? > > > Also there is a config that can be set before execute a method. this > > > > config > > > > > can set following things: > > > > > > basicUserName > > > basicPassword > > > basicEncoding > > > contentLengthOptional > > > enabledForExceptions > > > enabledForExtensions > > > encoding > > > gzipCompressing > > > gzipRequesting > > > > > > I know, we need to set up this header somewhere, but I am not sure > > > > where. I > > > > > will appreciate if you tell me which part of code is handling this RPC > > > request in VCL. > > > > > > > > > Best Regards > > > Mani > > > > > > On Wed, Nov 30, 2011 at 3:22 PM, Josh Thompson > > > > <josh_thomp...@ncsu.edu>wrote: > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > > Hash: SHA1 > > > > > > > > Mani, > > > > > > > > I'm not clear on what you are saying you are passing a first and > > > > second argument to. > > > > > > > > For every API call (except when calling XMLRPCaffiliations), you'll > > > > need > > > > > > to have X-User, X-Pass, and X-APIVERSION added to the HTTP headers to > > > > provide authentication to the vcl frontend. > > > > > > > > Josh > > > > > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote: > > > > > Josh, > > > > > > > > > > As far as I understood, I need to pass the function name as first > > > > > > > > argument > > > > > > > > > and for second one I need to add a list of parameters. For first > > > > > > > > parameter, > > > > > > > > > I need to pass Header which consist of following things: > > > > > $header = "Content-Type: text/xml\r\n"; > > > > > > > > > > $header .= "X-User: " . $this->username . "\r\n"; > > > > > $header .= "X-Pass: " . $this->password . "\r\n"; > > > > > $header .= "Cookie: " . $_SERVER["HTTP_COOKIE"] . "\r\n"; > > > > > $header .= "X-APIVERSION: 2"; > > > > > > > > > > so, is it necessary to add all of these things to header? > > > > > > > > > > Best Regards > > > > > Mani > > > > > > > > > > On Wed, Nov 30, 2011 at 1:28 PM, Josh Thompson > > > > > > > > <josh_thomp...@ncsu.edu>wrote: > > > > > > Mani, > > > > > > > > > > > > I forgot that there is a third http header that is always > > > > > > required > > > > - > > > > > > > > X-APIVERSION. You'd even need that set when calling > > > > > > > > XMLRPCaffiliations. > > > > > > > > > > Josh > > > > > > > > > > > > On Wednesday November 30, 2011, Josh Thompson wrote: > > > > > > > Mani, > > > > > > > > > > > > > > I haven't done much with java, and what I have done was many > > > > years > > > > > > ago. > > > > > > > > > > > Given that, it doesn't look like you are providing the > > > > > > > additional custom authentication http headers X-User and > > > > > > > X-Pass anywhere. > > > > > > > > > > > > > > Those two additional headers are not needed for the > > > > > > > > XMLRPCaffiliations > > > > > > > > > > > call. So, you could try calling that to see if the > > > > > > > authentication headers are your only problem. > > > > > > > > > > > > > > Josh > > > > > > > > > > > > > > On Wednesday November 30, 2011, Mani Shafa'atDoost wrote: > > > > > > > > I am trying to use Java to use your system. but the problem > > > > > > > > is > > > > > > > > when I > > > > > > > > > > try > > > > > > > > > > > > > > to execute something like client.execute( "XMLRPCtest", > > > > > > > > params > > > > ); > > > > > > , I > > > > > > > > > > > > receive errors. > > > > > > > > Can you tell me what should I pass to this function.I just > > > > > > > > attached my java class. > > > > > > > > > > > > > > > > Best Regards > > > > > > > > Mani > > > > > > > > > > > > > > > > On Wed, Nov 30, 2011 at 8:39 AM, Aaron Coburn > > > > > > > > <acob...@amherst.edu > > > > > > > > > > > > wrote: > > > > > > > > > Mani, > > > > > > > > > > > there is documentation for the XML RPC located here: > > http://people.apache.org/~jfthomps/xmlrpcdocs/xmlrpcWrappers_8php.htm > > > > > > > > l > > > > > > > > > > > > > > > I have been using the remote API for some time now, and it > > > > > > > > > works very well. To make things easier for me, I wrote a > > > > > > > > > php class that encapsulates some of these functions (see > > > > > > > > > attached). This class doesn't implement any of the group > > > > > > > > > management features, but they > > > > > > > > > > > > would > > > > > > > > > > > > > > > be easy to add. > > > > > > > > > > > > > > > > > > You can then use the class like this (if, for instance, you > > > > > > > > wanted > > > > > > > > > > > > > to list the reservations for a particular user): > > > > > > > > > > > > > > > > > > $vcl = new VCL($userid, $password); > > > > > > > > > > > > > > > > > > if ($reservations = $vcl->getReservations()){ > > > > > > > > > foreach ($reservations as $r){ > > > > > > > > > print "<p>"; > > > > > > > > > print "<b>{$r['imagename']}</b> "; > > > > > > > > > if ($status = $vcl->getRequestStatus($r['requestid'])){ > > > > > > > > > switch ($status['status']){ > > > > > > > > > ... > > > > > > > > > } > > > > > > > > > } > > > > > > > > > print "</p>"; > > > > > > > > > } > > > > > > > > > } > > > > > > > > > > > > > > > > > > The authentication piece is handed off to the appropriate > > > > > > > > > affiliation function in the VCL code, so if you are using > > > > LDAP, > > > > > > > > > > > the user's > > > > > > > > > > > > password > > > > > > > > > > > > > > > would be verified in that way. Since we use Shibboleth with > > > > our > > > > > > VCL > > > > > > > > > > > > > installation, the web application (neither the VCL nor any > > > > > > > > > remote webapp) will know anything about what constitutes a > > > > > > > > > valid > > > > > > > > password, > > > > > > > > > > so > > > > > > > > > > > > > > > I ended up modifying the 'checkAccess()' function in > > > > > > > > > .ht-inc/utils.php. If this is relevant for your > > > > installation, I > > > > > > can > > > > > > > > > > > > > explain further how this is done. > > > > > > > > > > > > > > > > > > The remote API allows me, for instance, to embed the VCL > > > > inside > > > > > > > > > > > other web applications (such as our campus learning > > > > management > > > > > > > > > > > system), without requiring students to login to the main > > > > > > > > > VCL site when they want to make and connect to their > > > > reservations. > > > > > > > > > > > Best regards, > > > > > > > > > Aaron > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Nov 29, 2011, at 6:08 PM, Mani Shafa'atDoost wrote: > > > > > > > > > > > > > > > > > > Josh, > > > > > > > > > > > > > > > > > > Thank you. Do you have any proper documentation for > > > > > > > > > functions > > > > > > > > that > > > > > > > > > > you > > > > > > > > > > > > > > > provided by XML RPC? > > > > > > > > > > > > > > > > > > Best Regards > > > > > > > > > Mani > > > > > > > > > > > > > > > > > > On Tue, Nov 29, 2011 at 4:32 PM, Josh Thompson > > > > > > > > > > > > > > <josh_thomp...@ncsu.edu>wrote: > > > > > > > > >> Mani, > > > > > > > > >> > > > > > > > > >> Unfortunately, the example code is way out of date and > > > > > > > > >> uses API version 1 which is no longer supported. > > > > > > > > > > >> A more current example, though in python, is available here: > > https://svn.apache.org/repos/asf/incubator/vcl/sandbox/useful_scripts > > > > > > > > / > > > > > > > > > > > > > > >> ma nagegroups.py > > > > > > > > >> > > > > > > > > >> Josh > > > > > > > > >> > > > > > > > > >> On Sunday November 20, 2011, Mani Shafa'atDoost wrote: > > > > > > > > >> > Hello, > > > > > > > > >> > > > > > > > > > >> > I just used your sample file to use VCL through XMLRPC, > > > > but > > > > > > > > > > >> > I received following error : > > > > > > > > >> > > > > > > > > > >> > *Notice*: xmlrpc: Unsupported API version, cannot > > > > continue. > > > > > > > > > > >> > I just modified username and password in your sample PHP > > > > > > > > file. I > > > > > > > > > > > > >> > will appreciate if you could guide me. > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > Best Regards > > > > > > > > >> > > > > > > > > > >> > Mani > > > > > > > > >> > > > > > > > > >> - -- > > > > > > > > >> - ------------------------------- > > > > > > > > >> Josh Thompson > > > > > > > > >> VCL Developer > > > > > > > > >> North Carolina State University > > > > > > > > >> > > > > > > > > >> my GPG/PGP key can be found at pgp.mit.edu - -- - ------------------------------- Josh Thompson VCL Developer North Carolina State University my GPG/PGP key can be found at pgp.mit.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iEYEARECAAYFAk7Y2tkACgkQV/LQcNdtPQOeaACeIQyNlnfj4NqtXi+H7w7V3RpB UXYAnjFjKVM84vf35tO8q7ODCmnmjZc+ =v1tY -----END PGP SIGNATURE-----
