I think the problem is here:
"http://david.wald...@gmail.com:x...@127.0.0.1:8000/svctest/default/
call/xmlrpc"
there are two @. the username and password must be encoded using
urllib.quote
On Oct 25, 11:04 am, "David Waldrop" <david.wald...@gmail.com> wrote:
> Massimo,
>
> The webfaction server is Linux based and uses Apache as the web server.
> Additionally, below are the commands I used to test via a python console:
>
> --------------------------------------
> The original app (from which the test was derived)
>
> import xmlrpclib
> rserver =
> xmlrpclib.Server("http://david.wald...@gmail.com:x...@www.meetingmonkey.net/i
> nit/default/call/xmlrpc")
> rserver.getmeetings()
>
> lserver =
> xmlrpclib.Server("http://david.wald...@gmail.com:x...@127.0.0.1:8000/mm_beta_
> 1/default/call/xmlrpc")
> lserver.getmeetings()
>
> ------------------------------------
> The test app I sent last evening
>
> tserver =
> xmlrpclib.Server("http://david.wald...@gmail.com:x...@127.0.0.1:8000/svctest/
> default/call/xmlrpc")
> tserver.getmeetings()
>
> rserver =
> xmlrpclib.Server("http://david.wald...@gmail.com:x...@www.meetingmonkey.net/w
> elcome/default/call/xmlrpc")
> rserver.getmeetings()
>
> -----Original Message-----
> From: David Waldrop [mailto:david.wald...@gmail.com]
> Sent: Sunday, October 24, 2010 5:35 PM
> To: web2py@googlegroups.com
> Subject: RE: [web2py] Re: confused about services and authorization
>
> It’s the standard webfaction config, web2py and python installed using their
> scripts.
>
> -----Original Message-----
> From: web2py@googlegroups.com [mailto:web...@googlegroups.com] On Behalf Of
> mdipierro
> Sent: Sunday, October 24, 2010 5:15 PM
> To: web2py-users
> Subject: [web2py] Re: confused about services and authorization
>
> Can you also tell us more about the production server? What web server? Os?
>
> On Oct 24, 3:52 pm, "David Waldrop" <david.wald...@gmail.com> wrote:
> > Massimo, Thanks. This is absolutely maddening. Attached is simple
> > app. It exposes 1 service "getmeetings" located in the mm_services
> > model. The db.py file includes the statement:
>
> > auth.settings.allow_basic_login = True
>
> > and the default/call function is decorated to require login.
>
> > The app behaves correctly when running on my local machine, but always
> > returns 303 when invoked on the production server.
>
> > -----Original Message-----
> > From: web2py@googlegroups.com [mailto:web...@googlegroups.com] On
> > Behalf Of
>
> > mdipierro
> > Sent: Sunday, October 24, 2010 4:17 PM
> > To: web2py-users
> > Subject: [web2py] Re: confused about services and authorization
>
> > please email me a minimalist program to reproduce the problem and I
> > will debug it.
>
> > On Oct 24, 2:32 pm, David Waldrop <david.wald...@gmail.com> wrote:
> > > Even more confusion. I can get it to work on dev environment by
> > > reverting to the original decorator on call
>
> > > #...<http://groups.google.com/groups/unlock?_done=/group/web2py/brow
> > > se
> > > _thr...>
> > > @auth.requires(auth.user)
> > > @auth.requires_login()
> > > def call():
> > > """
> > > exposes services. for example:
> > >
> > >http://..../<http://www.google.com/url?sa=D&q=http://..../&usg=AFQjCN
> > >H
> > > TjjhgMOeO9jl...>
> > > [app]/default/call/jsonrpc
> > > decorate with @services.jsonrpc the functions to expose
> > > supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv
> > > """
> > > session.forget()
> > > return service()
>
> > > This works on the local/dev machine. By work I meant i get the
> > > expected result when valid credentials are passed, and a 303 when
> > > invalid is passed!!! I cannot get it to work on the production
> > > system. If I comment out the authorization decorator all together
> > > the service is invoked thereby isolating the problem to the way the
> > > credentials are passed/handled. The code is Identical so it must
> > > be something in the environmental setup. Any ideas?
>
> > > On Sun, Oct 24, 2010 at 2:57 PM, david.waldrop
> > <david.wald...@gmail.com>wrote:
>
> > > > Cancel that it DOES NOT work on local either. In the previous
> > > > post it worked I believe because I still had the old controller.
> > > > Now that I have deleted the controller puttilng the call function
> > > > back in the default controller, and moving the getmeeting function
> > > > to a model file, i am not able to access in the dev server or the
> > > > productiontion server. I am 100% sure the credentials are
> > > > correct, but cannot figure out why the authentication is not
> happening.
>
> > > > On Oct 24, 2:13 pm, "David Waldrop" <david.wald...@gmail.com> wrote:
> > > > > Massimo, moving the function out of the controller enabled me to
> > > > > successfully invoke the function via xmlrpc on my development
> > > > > machine,
> > > > but
> > > > > not on the production version. In the forum I see that this
> > > > > (303) supposedly indicates invalid authorization, but the
> > > > > testing credentials
> > > > are
> > > > > valid on both sites. I did so by issuing the following at the
> > > > > python
> > > > > console:
>
> > > > > Python 2.6.6 (r266:84297, Aug 24 2010, 18:46:32) [MSC v.1500 32
> > > > > bit
> > > > (Intel)]
> > > > > on
> > > > > win32
> > > > > Type "help", "copyright", "credits" or "license" for more
> information.
>
> > > > > >>> import xmlrpclib
> > > > > >>> server =
>
> > > > > xmlrpclib.Server("http://david.wald...@gmail.com:x...@www.meetin
> > > > > gm
> > > > > on
> > > > > key.net/init/default/call/xmlrpc")
>
> > > > > >>> server2 =
>
> > > > > xmlrpclib.Server("http://david.wald...@gmail.com:x...@127.0.0.1:
> > > > > 80
> > > > > 0
> > > > > 0/mm_beta_1/default/call/xmlrpc")
>
> > > > > >>> server.getmeetings()
>
> > > > > Traceback (most recent call last):
> > > > > File "<stdin>", line 1, in <module>
> > > > > File "C:\Python26\lib\xmlrpclib.py", line 1199, in __call__
> > > > > return self.__send(self.__name, args)
> > > > > File "C:\Python26\lib\xmlrpclib.py", line 1489, in __request
> > > > > verbose=self.__verbose
> > > > > File "C:\Python26\lib\xmlrpclib.py", line 1243, in request
> > > > > headers
> > > > > xmlrpclib.ProtocolError: <ProtocolError for
> > > > > david.wald...@gmail.com:x...@www.meet
> > > > > ingmonkey.net/init/default/call/xmlrpc: 303 SEE OTHER>
>
> > > > > >>> server2.getmeetings()
>
> > > > > 'you are logged in!'
>
> > > > > Do I need to enables something special in the environment other
> > > > > than auth.settings.allow_basic_login = True, which is already set.
> > > > > Alos, is
> > > > this
> > > > > a recommended way of passing credentials to a web2py services,
> > > > > it seems
> > > > as
> > > > > if they may be exposed in the clear during transport???
>
> > > > > /david
>
> > > > > -----Original Message-----
> > > > > From: web2py@googlegroups.com [mailto:web...@googlegroups.com]
> > > > > On Behalf
> > > > Of
>
> > > > > mdipierro
> > > > > Sent: Sunday, October 24, 2010 1:38 PM
> > > > > To: web2py-users
> > > > > Subject: [web2py] Re: confused about services and authorization
>
> > > > > I am not sure you should register services in controller, unless
> > > > > you also want to expose them as actions. I normally put them in
> > > > > a
> > model.
> > > > > Anyway...
>
> > > > > @service.xmlrpc
> > > > > @service.jsonrpc
> > > > > @service.whetever
>
> > > > > register a function as a service
>
> > > > > def call(): return service()
>
> > > > > simply exposes all services.
>
> > > > > You can do
>
> > > > > @auth.requires(auth.user)
> > > > > def call(): return service()
>
> > > > > and you will get an unauthorized error
>
> > > > > On Oct 24, 11:19 am, "david.waldrop" <david.wald...@gmail.com>
> wrote:
> > > > > > I have spent the bulk of last evening and this morning trying
> > > > > > to test web2py services and authorization. In addition to
> > > > > > setting auth.settings.allow_basic_login = True I have deleted
> > > > > > the "call function" in the default controller, created a
> > > > > > seperate controller "mmservices",and and populated with the
> following code:
>
> > > > > > @auth.requires_login()
> > > > > > def call():
> > > > > > """
> > > > > > exposes services. for example:
> > > > > > http://..../[app]/default/call/jsonrpc
> > > > > > decorate with @services.jsonrpc the functions to expose
> > > > > > supports xml, json, xmlrpc, jsonrpc, amfrpc, rss, csv
> > > > > > """
> > > > > > session.forget()
> > > > > > return service()
>
> > > > > > @service.xmlrpc
> > > > > > def getmeetings():
> > > > > > if auth.is_logged_in():
> > > > > > return 'you are logged in!'
> > > > > > else:
> > > > > > return 'NO DICE'
>
> > > > > > @service.xmlrpc
> > > > > > def test(insink):
> > > > > > if auth.is_logged_in():
> > > > > > return 'test: you are logged in!'
> > > > > > else:
> > > > > > return 'test: NO DICE'
>
> > > > > > My questions are:
>
> > > > > > 1) what is the purpose of the "call" function? I see that it
> > > > > > is part of the proxy when invoking, but am not sure where it
> > > > > > gets invoked or what it does. Does there need to be a
> > > > > > separate call for each web- service function (as I saw in a forum
> post)?
>
> > > > > > 2) when i
> > > > > > enterhttp://www.meetingmonkey.net/init/mmservices/getmeetings
> > > > > > without logging in I get "no dice". I suspect this is due to
> > > > > > the fact that I am accessing the function because it is in a
> > > > > > controller. This is not the desired behavior as I want to
> > > > > > ensure the user has logged in before getting access to the
> > > > > > function. Is there a complete example of the best practice
> > > > > > for implementing web-services including where to put various
> > > > > > parts of
> > code?
>
> > > > > > 3) when I
> > > > > > enterhttp://www.meetingmonkey.net/init/mmservices/call/xmlrpc/
> > > > > > ge tmeeti ngs without logging 8in I am redirected to the login
> > > > > > page. I would rather just return an unauthorized error, but
> > > > > > do not know how to do?
>
> > > --
> > > david.wald...@gmail.com | 301.526.9500
>
> > web2py.app.svctest.w2p
> > 1006KViewDownload
>
>
