xmlrpc and auth-digest

T

Thomas Liesner

Hi all,

this may have been asked before, but as a newbie with xmlrpc i can't
find any suitable info on that. Sorry.
I am trying to write a simple xmlrpc-client in python and the server i
am trying to receive data from requires http auth digest.
The info on xmlrpclib covers auth basic thrugh url econding such as
"user:pass@server", but no auth digest.

Is there any other library i could use for that or can i write some sort
of wrapper around this using a differnt library like urllib?

TIA,
Tom
 
L

Laszlo Nagy

Thomas Liesner írta:
Hi all,

this may have been asked before, but as a newbie with xmlrpc i can't
find any suitable info on that. Sorry.
I am trying to write a simple xmlrpc-client in python and the server i
am trying to receive data from requires http auth digest.
The info on xmlrpclib covers auth basic thrugh url econding such as
"user:pass@server", but no auth digest.

Is there any other library i could use for that or can i write some sort
of wrapper around this using a differnt library like urllib?
Click to expand...
What I did before is that I added additional parameters of my published
functions for the username and the password, and used xmlrpc over https.
This is secure, but somewhat clumsy. You can also implement this by
creating a persistent "session" when logging in, then use the session
identifier for identification.

If you are interested in XML/RPC over HTTPS:

http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/496786

Regarding basic or digest http authentication, I believe it has nothing
to do with the XML/RPC protocol itself. The basic and digest
authentication is defined at the HTTP level. It is implemented with HTTP
headers. Probably you can do this but not with the built-in xmlrpclib.
If you look at xmlrpclib.py, then you will see that the ServerProxy
class is an old style class that uses the xmlrpclib.Transport class for
communication. The Transport class itself uses httplib to post the
information. In theory, you can copy your own xmlrpclib and send/check
extra http headers. In my opinion, it would be too much work, too much
trouble and still not secure.

Regards,

Laszlo
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

xmlrpc an auth-diget 0
using HTTP Digest auth with arbitrary HTTP methods? 3
Error with python 3.3.2 and https 6
Python Digest authentication against MS MapPoint 2
Ruby xmlrpc/server incompatible? 3
Digest MD5 authentication over using ZSI 1
Python xmlrpc servers? 9
Mongrel/XMLRPC For Ruby - Max Post Size 2

Members online

No members online now.
Total: 29 (members: 1, guests: 28)
Robots: 419

Forum statistics

Threads
473,769
Messages
2,569,580
Members
45,054
Latest member
TrimKetoBoost

Latest Threads

Top