NAME

XML::Compile::WSS::BasicAuth - username/password security

INHERITANCE

 XML::Compile::WSS::BasicAuth
   is a XML::Compile::WSS

SYNOPSIS

 # you need a few constants
 use XML::Compile::WSS::Util  qw/:utp11/;

 # used in combination with any other XML schema
 my $auth = XML::Compile::WSS::BasicAuth->new
   ( schema   => $anything
   , username => $user
   , password => $password
   );

 # connects itself to a WSDL
 my $wss  = XML::Compile::SOAP::WSS->new;
 my $wsdl = XML::Compile::WSDL11->new($wsdlfn);
 my $auth = $wss->basicAuth
   ( ... same params, except 'schema'
   );

DESCRIPTION

The generic Web Service Security protocol is implemented by the super class XML::Compile::WSS. This extension implements "basic authentication", i.e. username/password validation.

You can best use digested passwords (UTP11_PDIGEST) In that case, a timestamp, a nonce and SHA1 hashing will keep the password a secret.

METHODS

Constructors

XML::Compile::WSS::BasicAuth->new(OPTIONS)
 -Option     --Defined in       --Default
  created                         undef
  nonce                           'RANDOM'
  password                        <required>
  pwformat                        UTP11_PTEXT
  schema       XML::Compile::WSS  undef
  username                        <required>
  version      XML::Compile::WSS  undef
  wss_version  XML::Compile::WSS  '1.1'
  wsu_Id                          undef
created => DATETIME

See XML::Compile::WSS::dateTime() for choices of DATETIME.

nonce => STRING|CODE|'RANDOM'

Only used then the password is passed as digest. This will cause the wsse:Nonce element.

When you pass a CODE, it will get called for each message to produce a STRING. The constant text 'RANDOM' will have a random nonce generator being called at each message.

password => STRING

The password in plain text. Use pwformat digest to send it encrypted over the network.

pwformat => UTP11_PTEXT|UTP11_PDIGEST

With UTP11_PTEXT, the plain-text version of the password is shown. If PTWTYPE IS UTP11_PDIGEST, the plain-text password will be encrypted with SHA1. The OPTIONS can be used to salt the digest with "nonce" and/or "created" information before the encryption.

schema => an XML::Compile::Cache object
username => STRING
version => STRING
wss_version => '1.1'|MODULE
wsu_Id => STRING

Adds a wsu:Id attribute to the created element.

Attributes

$obj->created()
$obj->nonce()
$obj->password()
$obj->schema()

See "Attributes" in XML::Compile::WSS

$obj->username()
$obj->wssVersion()

See "Attributes" in XML::Compile::WSS

$obj->wsuId()

Apply

$obj->check(SECURITY)

See "Apply" in XML::Compile::WSS

$obj->create(DOC, SECURITY, DATA)

See "Apply" in XML::Compile::WSS

Helpers

$obj->dateTime(TIME|STRING|HASH)

See "Helpers" in XML::Compile::WSS

Internals

$obj->loadSchemas(SCHEMA, VERSION)
XML::Compile::WSS::BasicAuth->loadSchemas(SCHEMA, VERSION)

See "Internals" in XML::Compile::WSS

$obj->writerHookWsuId(TYPE)

See "Internals" in XML::Compile::WSS

SEE ALSO

This module is part of XML-Compile-WSS distribution version 1.07, built on November 17, 2012. Website: http://perl.overmeer.net/xml-compile/

Other distributions in this suite: XML::Compile, XML::Compile::SOAP, XML::Compile::SOAP12, XML::Compile::SOAP::Daemon, XML::Compile::SOAP::WSA, XML::Compile::C14N, XML::Compile::WSS, XML::Compile::WSS::Signature, XML::Compile::Tester, XML::Compile::Cache, XML::Compile::Dumper, XML::Compile::RPC, XML::Rewrite, XML::eXistDB, and XML::LibXML::Simple.

Please post questions or ideas to the mailinglist at http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/xml-compile

For live contact with other developers, visit the #xml-compile channel on irc.perl.org.

LICENSE

Copyrights 2011-2012 by [Mark Overmeer]. For other contributors see ChangeLog.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See http://www.perl.com/perl/misc/Artistic.html