This documentation is deprecated, please have a look at savonrb.com!
The libraries provide support for multiple authentication protocols. While Handsoap’s authentication support is more low level, Savon provides an API for that task.
As you might expect, the Handsoap way for this aspect is to implement a callback method for the document creation. Using Savon you can attach your credentials on a WSSE object inside your request block. Compare the two implementations:
def on_create_document(doc) doc.alias 's', "http://docs...xsd" header = doc.find("Header") header.add "s:Security" do |s| s.set_attr "env:mustUnderstand", "0" s.add "s:Username", @@username [...] end end
response = client.get_bank do |soap, wsse| wsse.username = @@username [...] end
The same approach is used by Handsoap to offer HTTP authentication:
def on_after_create_http_request(http_request) http_request.set_auth @@username, @@password end
Savon provides support for this feature just yet (since 0.7.0):
client.request.basic_auth "username", "password"
At the time of writing only Savon supports SSL authentication directly. This is achieved by passing a configuration hash to the Savon::Client:
client = Savon::Client.new "some_wsdl" client.request.http.ssl_client_auth( :cert => OpenSSL::X509::Certificate.new(File.read("client_cert.pem")), :key => OpenSSL::PKey::RSA.new(File.read("client_key.pem"), "password if one exists"), :ca_file => "cacert.pem", :verify_mode => OpenSSL::SSL::VERIFY_PEER )
While the Handsoap documentation states that support for SSL is not yet implemented, there might be a chance to enable it through the use of the preconfigured http driver.