mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-27 09:09:04 +01:00
306 lines
6.9 KiB
HTML
306 lines
6.9 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
> eGroupWare XML-RPC/SOAP Methodology
|
|
</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.64
|
|
"><LINK
|
|
REL="NEXT"
|
|
TITLE=" Business layer requests
|
|
"
|
|
HREF="phpgw_server-1.html"></HEAD
|
|
><BODY
|
|
CLASS="ARTICLE"
|
|
><DIV
|
|
CLASS="ARTICLE"
|
|
><DIV
|
|
CLASS="TITLEPAGE"
|
|
><H1
|
|
CLASS="TITLE"
|
|
><A
|
|
NAME="AEN2"
|
|
>eGroupWare XML-RPC/SOAP Methodology</A
|
|
></H1
|
|
><H3
|
|
CLASS="AUTHOR"
|
|
><A
|
|
NAME="AEN4"
|
|
></A
|
|
></H3
|
|
><HR></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="AEN8"
|
|
>System level requests</A
|
|
></H1
|
|
><DIV
|
|
CLASS="SECT2"
|
|
><H2
|
|
CLASS="SECT2"
|
|
><A
|
|
NAME="AEN10"
|
|
>Login and authentication</A
|
|
></H2
|
|
><P
|
|
> Authentication for user logins is handled internally no differently than for the typical eGroupWare login via web browser. Server logins, added for XML-RPC and SOAP, are only slightly different. For either protocol, user and server login and authentication and subsequent requests are handled by their respective server apps, xmlrpc.php and soap.php. A server is identified by a custom HTTP header, without which a normal user login will be undertaken.
|
|
</P
|
|
><P
|
|
> A client or server sends the appropriate XML-RPC or SOAP packet containing host, user, and password information to the phpgw server. The server then assigns a sessionid and key, which is returned to the client in the appropriate format.
|
|
</P
|
|
><P
|
|
> Our current method for authenticating requests after successful login is via the Authorization: Basic HTTP header to be sent by the client or requesting server. The format of this header is a base64 encoding of the assigned sessionid and kp3 variables, seperated by a ':'.
|
|
</P
|
|
><P
|
|
> Further security may be obtained by using SSL on the client and server. In the future, we may encrypt/descrypt the data on either end, or at least provide this as an option. The sessionid and key variables will make this possible, and relatively secure.
|
|
</P
|
|
><DIV
|
|
CLASS="SECT3"
|
|
><H3
|
|
CLASS="SECT3"
|
|
><A
|
|
NAME="AEN16"
|
|
>system.login</A
|
|
></H3
|
|
><P
|
|
> The first request a client will make is the system.login method. Here is a sample of a server login packet in XML-RPC:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="PROGRAMLISTING"
|
|
><?xml version="1.0"?>
|
|
<methodCall>
|
|
<methodName>system.login</methodName>
|
|
<params>
|
|
<param>
|
|
<value><struct>
|
|
<member><name>server_name</name>
|
|
<value><string>my.host.name</string></value>
|
|
</member>
|
|
<member><name>username</name>
|
|
<value><string>bubba</string></value>
|
|
</member>
|
|
<member><name>password</name>
|
|
<value><string>gump</string></value>
|
|
</member> </struct></value>
|
|
</param>
|
|
</params>
|
|
</methodCall>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
> And the same in SOAP:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="PROGRAMLISTING"
|
|
><?xml version="1.0"?>
|
|
<SOAP-ENV:Envelope
|
|
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:si="http://soapinterop.org/xsd"
|
|
xmlns:ns6="http://soapinterop.org" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
|
|
<SOAP-ENV:Body> <ns6:system_login>
|
|
<server_name xsi:type=":string">my.host.name</server_name>
|
|
<username xsi:type=":string">bubba</username>
|
|
<password xsi:type=":string">gump</password>
|
|
</ns6:system_login>
|
|
</SOAP-ENV:Body>
|
|
</SOAP-ENV:Envelope>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
> The same style of packet would be required for a user/client login. A successful login should yield the following reply:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="PROGRAMLISTING"
|
|
><methodResponse>
|
|
<params>
|
|
<param>
|
|
<value><struct>
|
|
<member><name>sessionid</name>
|
|
<value><string>cf5c5534307562fc57915608377db007</string></value>
|
|
</member>
|
|
<member><name>kp3</name>
|
|
<value><string>2fe54daa11c8d52116788aa3f93cb70e</string></value>
|
|
</member>
|
|
</struct></value>
|
|
</param>
|
|
</params>
|
|
</methodResponse>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
> And a failed login:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="PROGRAMLISTING"
|
|
><methodResponse>
|
|
<params>
|
|
<param>
|
|
<value><struct>
|
|
<member><name>GOAWAY</name>
|
|
<value><string>XOXO</string></value>
|
|
</member>
|
|
</struct></value>
|
|
</param>
|
|
</params>
|
|
</methodResponse>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
> eqweqw
|
|
</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="SECT3"
|
|
><H3
|
|
CLASS="SECT3"
|
|
><A
|
|
NAME="AEN27"
|
|
>system.logout</A
|
|
></H3
|
|
><P
|
|
> Logout:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="PROGRAMLISTING"
|
|
><?xml version="1.0"?>
|
|
<methodCall>
|
|
<methodName>system.logout</methodName>
|
|
<params> <param>
|
|
<value><struct>
|
|
<member><name>sessionid</name>
|
|
<value><string>ea35cac53d2c12bd05caecd97304478a</string></value>
|
|
</member>
|
|
<member><name>kp3</name>
|
|
<value><string>4f2b256e0da4e7cbbebaac9f1fc8ca4a</string></value>
|
|
</member>
|
|
</struct></value>
|
|
</param>
|
|
</params>
|
|
</methodCall>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
> Logout worked:
|
|
</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="PROGRAMLISTING"
|
|
><methodResponse>
|
|
<params>
|
|
<param>
|
|
<value><struct>
|
|
<member><name>GOODBYE</name>
|
|
<value><string>XOXO</string></value>
|
|
</member>
|
|
</struct></value>
|
|
</param>
|
|
</params>
|
|
</methodResponse>
|
|
</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></DIV
|
|
></DIV
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="phpgw_server-1.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
> </TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Business layer requests</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
>
|