Home/ Questions/Q 9210815
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T01:09:43+00:00

My SOAP-Server expects every request to have a valid token in the soap-header to

  • 0

My SOAP-Server expects every request to have a valid token in the soap-header to authenticate the soap-client. This token is only valid for a certain period of time, so I have to expect it to be invalid in every call.

I am trying to find a way to force savon to rebuild the SOAP-Header (i.e. use the new auth-token) after I (re)authenticate with the SOAP-Server. I am not sure, if that is either a savon problem or a ruby one. Here is what I have so far.

class Soapservice
  extend Savon::Model

  # load stored auth-token
  @@header_data = YAML.load_file "settings.yaml"

  client wsdl: 'locally-cached-wsdl.xml', 
    soap_header: {'verifyingToken' => @@header_data}

  operations :get_authentification_token, :get_server_time

  # request a new auth-token and store it
  def get_authentification_token
    response = super(:message => {
        'oLogin' => {
            'Username' => 'username', 
            'Userpass' => 'password'
        }
    })

    settings = {
      'UserID' => response[:user_id].to_i,
      'Token' => response[:token], 
    }

    File.open("settings.yaml", "w") do |file|
        file.write settings.to_yaml
    end

    @@header_data = settings
  end

  def get_server_time
    return super()
    rescue Savon::SOAPFault => error
      fault_code = error.to_hash[:fault][:faultstring]
      if fault_code == 'Unauthorized Request - Invalide Token'
          get_authentification_token
          retry
      end
  end
end

When I call

webservice = Soapservice.new
webservice.get_server_time

with an invalid Token, it reauthenticates and saves the new Token successfully, but the retry doesn’t load the new header (the result is an infinite loop). Any ideas?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I added rubiii’s answer from the GitHub-Issue here for future reference:

    class Soapservice

  # load stored auth-token
  @@header_data = YAML.load_file "settings.yaml"

  def initialize
    @client = Savon.client(wsdl: 'locally-cached-wsdl.xml')
  end

  def call(operation_name, locals = {})
    @client.globals[:soap_header] = {'verifyingToken' => @@header_data}
    @client.call(operation_name, locals)
  end

  # request a new auth-token and store it
  def get_authentification_token
    message = {
      'Username' => 'username', 
      'Userpass' => 'password'
    }
    response = call(:get_authentification_token, :message => message)

    settings = {
      'UserID' => response[:user_id].to_i,
      'Token'  => response[:token], 
    }

    File.open("settings.yaml", "w") do |file|
      file.write settings.to_yaml
    end

    @@header_data = settings
  end

  def get_server_time
    call(:get_server_time)
    rescue Savon::SOAPFault => error
      fault_code = error.to_hash[:fault][:faultstring]
      if fault_code == 'Unauthorized Request - Invalide Token'
        get_authentification_token
        retry
      end
  end

end

    rubiii added:

    notice that i removed Savon::Model, as you actually don’t need it and i don’t know if it supports this workaround.
    if you look at the #call method, it accesses and changes the globals before every request.

    • 0