[Soap-Python] soaplib: Some additional hooks for header processing (aka ws-security, etc.)

[Ernesto Revilla Derksen]

Hi.

First of all, you're doing a great work with soaplib!!!

I was just running the debugger to see how soaplibs treats the headers.

In soaplib/core/_base.py:decompose_incoming_envelope (near line 335), we get
the header & body parsed. Fine!

But just below, there is no self.validateHeader or self.checkHeader. So the
body is validated before (!) any headers can be validades. Could there be a
hook?

In method deserialize_soap (lines 406-417):
            # decode header object
            if (ctx.in_header_xml is not None and
                len(ctx.in_header_xml) > 0 and
                header_class is not None):
                ctx.service.in_header =
header_class.from_xml(ctx.in_header_xml)


how do IN-wrappers supposed to work? could you give an example?

In process_request (line 436):
ctx.service.on_method_call(ctx.method_name,req_obj,ctx.in_body_xml)

the header is NOT sent to the service hook

As I can see (and sure that I'm wrong), I have the following alternatives of
processing SOAP headers:
 - using IN-wrappers:
 - override Application object customizing one of:
   - deserialize_soap (says: not meant to be override!)
   - decompose_incoming_envelope
   - process_request (says: not meant to be override!)

Where would be the best place to implement header checking? (e.g. security=

Thanks in advance.
Best regards.
Erny
Spain

Ernesto Revilla
Yaco Sistemas
+34 954 500 057
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/soap/attachments/20110527/8350776e/attachment.html>