OFBiz

auto-verifying user in ofbiz without password when calling ofbiz webservice through xml-rpc.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Murali
Reply | Threaded
Open this post in threaded view
|

auto-verifying user in ofbiz without password when calling ofbiz webservice through xml-rpc.

Murali
Hi,

In my application, i am calling the ofbiz webserivces through xml-rpc using xml-rpc client.
Below is the client code what I am using
        ----------------------------------------------------------
                XmlRpcClientConfigImpl config = new XmlRpcClientConfigImpl();
                try {
                        config.setServerURL(new URL(ofbizRpcUrl));
                } catch (MalformedURLException e) {
                        logger.error("Error", e);
                }
                config.setEnabledForExceptions(true);
                config.setEnabledForExtensions(true);

                XmlRpcClient client = new XmlRpcClient();
                client.setConfig(config);

                Map paramMap = new HashMap();
                paramMap.put("login.username", username);
                paramMap.put("login.password", password);
                if(parameters!=null){paramMap.putAll(parameters);}
               
                Object[] params = new Object[]{paramMap};
                Map result = null;
                try {
                        result = (Map) client.execute(serviceName, params);
                       
                } catch (XmlRpcException e) {
                        logger.error("Error while calling web service", e);
                }
               
                return result;
        ------------------------------------------------------------
       
Event if I *dont* pass the username and password, I am able to get the result from the webservice call,
which is not secured.

But if you set auth="true" as shown below on the exposed service in service.xml, it will throw an exception saying "user authorization is required to call the serice" if you dont pass the username and password.

<service name="findPartiesById" engine="java" auth="true"
 location="org.ofbiz.party.party.PartyServices" invoke="findPartyById" export="true">
 <description>Find the partyId corresponding to a reference and a reference type</description>
 <attribute type="String" mode="IN" name="idToFind" optional="false"/>
 <attribute type="String" mode="IN" name="partyIdentificationTypeId" optional="true"/>
 <attribute type="String" mode="IN" name="searchPartyFirst" optional="true"/>
 <attribute type="String" mode="IN" name="searchAllId" optional="true"/>
 <attribute type="org.ofbiz.entity.GenericValue" mode="OUT" name="party" optional="true"/>
 <attribute type="List" mode="OUT" name="partiesFound" optional="true"/>
</service>

what I want is,  to auto-verify the user based on the userLoginId without requiring the password.
Please post your comments on how to do this?

Thanks in advance.
Murali
Reply | Threaded
Open this post in threaded view
|

Re: auto-verifying user in ofbiz without password when calling ofbiz webservice through xml-rpc.

Murali
Please post your comments?
Free forum by Nabble Edit this page