Search code examples
pythonsslsoaptwisted

How to check if authentication works in twisted?

I'm using this Wombat API - WAPI (link) which is built on top of twisted and SOAP to enable encrypted client-server communication, mainly for sharing big datasets.

The WAPI is pretty easy to install and start using because it includes example client and server code (files: wapi_client.py and wapi_server.py).

I manage to create a simple dataset 'mydataset' and the needed SSL certificates using my CA from openssl:

  • ca_cert.pem,
  • server_cert.pem,
  • client_cert.pem.

Using the first 2 certificates, I run the wapi_server (on 127.0.0.1:8080) without problem and get the following output:

> python wapi_server.py 
> setting up WAPI server!
> adding dataset mydataset
> launching dataset-specific initialization code
> registered object simulation (2 methods,0 refs)
> registered object dataset (0 methods,1 refs)
> dataset successfully initialized
> activating SSL support
> activating SSL support
> enabling SSL client authentication
> entering in twisted loop!

Then using certificates 1 and 3 I run the wapi_client (on the same machine using 127.0.0.1:8080) but I get the following error:

> python wapi_client.py
> registering dataset mydataset -> http://127.0.0.1:8080/
> entering into main thread loop
> running reactor..
> testing dataset availability
> SOAP call get_attributes
> blocking and waiting for object completion
> something went wrong: [Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.ConnectionDone'>: Connection was closed cleanly.]
> object completed
> mydataset : ERROR
> 0 datasets are available
> getting out of main loop

I do not understand the error. I think it is because one of the following:

  • the server is not responding
  • the authentication fails (I have some mistake in using the certificates)

How do I check if my authentication works and how do I check if the server responds?

Solution

  • So whoever uses the Wombat package and runs to this problem, the solution is as follows:

    The WAPI client is configured in file wapi.conf. In it you should specify the address to the server like:

    https://<ip_address>:<port>/<name_of_dataset>

    Note the https (secure) and the name of the dataset in the url. Furthermore, in the config file you should provide the certificate files (both CA and server certificate)