This documentation is deprecated, please have a look at “savonrb.com”:http://savonrb.com/!
p. The libraries provide support for multiple authentication protocols. While Handsoap’s authentication support is more low level, Savon provides an API for that task.
h2. WSSE authentication
p. As you might expect, the Handsoap way for this aspect is to implement a callback method for the document creation. Using Savon you can attach your credentials on a WSSE object inside your request block. Compare the two implementations:
def on_create_document(doc) doc.alias 's', "http://docs...xsd" header = doc.find("Header") header.add "s:Security" do |s| s.set_attr "env:mustUnderstand", "0" s.add "s:Username", @@username [...] end end
response = client.get_bank do |soap, wsse| wsse.username = @@username [...] end
h2. HTTP authentication
p. The same approach is used by Handsoap to offer HTTP authentication:
def on_after_create_http_request(http_request) http_request.set_auth @@username, @@password end
p. Savon provides support for this feature “just yet”:http://github.com/rubiii/savon/issues#issue/15 (since 0.7.0):
client.request.basic_auth "username", "password"
h2. SSL support
p. At the time of writing only Savon supports SSL authentication directly. This is achieved by passing a configuration hash to the Savon::Client:
client = Savon::Client.new "some_wsdl" client.request.http.ssl_client_auth( :cert => OpenSSL::X509::Certificate.new(File.read("client_cert.pem")), :key => OpenSSL::PKey::RSA.new(File.read("client_key.pem"), "password if one exists"), :ca_file => "cacert.pem", :verify_mode => OpenSSL::SSL::VERIFY_PEER )
p. While the “Handsoap documentation”:http://wiki.github.com/unwire/handsoap/authentication states that support for SSL is not yet implemented, there might be a chance to enable it through the use of the preconfigured http driver.