Skip to main content

SOAP + Basic Authentication in Ruby

Do you need to do SOAP in Ruby?

First of all, install the latest version of Ruby you can stand. (I'm using this one. What the heck. I'm giving the laptop back in a few hours.)

That's a fine thing, but you can't do Basic Authentication yet. You need to install a net/http that understands Basic Authentication.

Ready to go? Not quite. The version of SOAP4R you have doesn't handle arguments to web services correctly. You need to install the latest SOAP4R to get your arguments handled right.

Now you're ready. You might get an extraneous error message "ignored attr: {}mixed" but it probably won't affect your ability to do the job.

Many many thanks to Emil Marceta for walking me through the process.

Two things:
1) Perl's SOAP::Lite does this out of the box.
2) The Pickaxe dismisses SOAP pretty perfunctorily, but the beauty of SOAP is that it is (should be) very very easy for the client, using existing libraries.

What would it take to put this in the regular Windows Ruby distro?


tomeeo said…
Chris, thanks for the help, but even with the soap4r update & the net/http-access2 udpate, i still am getting an HTTP 401 unauthorized when i try to call my web service method. I am trying to accessing a set of sharepoint web services. The site askes for a username and password when I visit it and that is what I have been supplying:

ws.options["protocol.http.basic_auth"] << ['site_url', "username", "password"]

I've also tried the headerhandler approach but no dice.

Any debugging tips?
Chris McMahon said…
There are only two ways to get a 401 error in this context: either you have the wrong user/password combination; or you are requesting a page that is protected. I suspect that the 'site_url' is somehow incorrect. What's there when you navigate a browser to 'site_url'? I think in general there should be a WSDL there.
Alex said…

I been trying to access the web services inside xplanner with no luck the following is my code:
class WelcomeController < ApplicationController

require 'soap/wsdlDriver'
require 'soap/driver'
require 'cgi'
require 'net/http'

def index

soap_client ="")
soap_client.options["protocol.http.basic_auth"] << ['', "sysadmin", "password"]
driver = soap_client.createDriver

# driver ='http:').create_rpc_driver
# driver.options["protocol.http.basic_auth"] << ['', "sysadmin", "password"]

# wsdl_url = ''
# driver =

puts driver.inspect

eni get a 401 error

and yes user and password are the correct username and password
Chris McMahon said…
alex, some of your code looks odd

Under the "# driver" part, the url is malformed, missing slash characters.

I think the comment editor is going to truncate the create_rpc_driver line, but try the code below and see if you get a 401

wsdl_url = "http://foo/wsdl"
user = "username"
pass = "password

@soap =
@soap.options["protocol.http.basic_auth"] << [wsdl_url,user,pass]
Alex said…
Hi thanks for your replay.

Yes you are right the code was a bit odd, sorry it was late.

I have tried the code that you gave me and I get 2 errors, One when i run a ruby script which is the 401 error:
retry_connect: Unexpected response: #HTTP:: blah blah blah ,@response_status_code=401 etc ...

The other one when I call the webs ervice from rails:

uninitialized constant WSDLDriverFactory

Again Thanks for your help
Michael McGrath said…
Can anyone help me with calling over SSL?

def lookup_id


driver ="https://blahblah.wsdl").create_rpc_driver

@rv=driver.verifyId(AUTH_TOKEN, PIN, pid)

This works fine locally but when deployed I get:

OpenSSL::SSL::SSLError (certificate verify failed):

Can anyone enlighten me as to how I can simply ignore the cert validity error as happens on my local PC?
Sandopi said…
I have to use authentification by the HTTP header but i can not add a "Authorization" parameter to the HTTPHeader. I get the services's descriptions by WSDL using

This is an old post but is there anyone to help me please?

Popular posts from this blog

Reviewing "Context Driven Approach to Automation in Testing"

I recently had occasion to read the "Context Driven Approach to Automation in Testing". As a professional software tester with extensive experience in test automation at the user interface (both UI and API) for the last decade or more for organizations such as Thoughtworks, Wikipedia, Salesforce, and others, I found it a nostalgic mixture of FUD (Fear, Uncertainty, Doubt), propaganda, ignorance and obfuscation. 

It was weirdly nostalgic for me: take away the obfuscatory modern propaganda terminology and it could be an artifact directly out of the test automation landscape circa 1998 when vendors, in the absence of any competition, foisted broken tools like WinRunner and SilkTest on gullible customers, when Open Source was exotic, when the World Wide Web was novel. Times have changed since 1998, but the CDT approach to test automation has not changed with it. I'd like to point out the deficiencies in this document as a warning to people who might be tempted to take it se…

Watir is What You Use Instead When Local Conditions Make Automated Browser Testing Otherwise Difficult.

I spent last weekend in Toronto talking to Titus Fortner, Jeff "Cheezy" Morgan, Bret Pettichord, and a number of other experts involved with the Watir project. There are a few things you should know:

The primary audience and target user group for Watir is people who use programming languages other than Ruby, and also people who do little or no programming at all. Let's say that again:

The most important audience for Watir is not Ruby programmers 
Let's talk about "local conditions":

it may be that the language in which you work does not support Selenium
I have been involved with Watir since the very beginning, but I started using modern Watir with the Wikimedia Foundation to test Wikipedia software. The main language of Wikipedia is PHP, in which Selenium is not fully supported, and in which automated testing in general is difficult. Watir/Ruby was a great choice to do browser testing.  At the time we started the project, there were no selenium bindings for …

Open letter to the Association for Software Testing

To the Association for Software Testing:

Considering the discussion in the software testing community with regard to my blog post "Test is a Ghetto", I ask the Board of the AST  to release a statement regarding the relationship of the AST with Keith Klain and Per Scholas, particularly in regard to the lawsuit for fraud filed by Doran Jones (PDF download link) .

The AST has a Code of Ethics  and I also ask the AST Board to release a public statement on whether the AST would consider creating an Ethics Committee similar to, or as a part of the recently created Committee on Standards and Professional Practices.

The yearly election for the Board of the AST happens in just a few weeks, and I hope that the candidates for the Board and the voting members of the Association for Software Testing will consider these requests with the gravity they deserve.