Calling protected SOAP from Mozilla

nospam@example.com (Amir Mohammad Saied) — Fri, 14 Dec 2007 02:16:00 -0500

Recently I had to write a Firefox extension for a company which provides text messaging web services. The Web-Service is an RPC-Style SOAP one which is written by "Nima Shayafar".
When I got this offer, I didn't think that this one would cause any troubles, as Mozilla has a SOAP implementation landed in it's platform since years (~~And if you ask me, I'll tell you no one, never touched it again to improve it -even a little bit~~ UPDATE:They finally touched it, and they completely removed it from Mozilla 1.9!).
This Web-Service is protected by basic HTTP Authentication, nothing tricky so far, but to my surprise Mozilla's SOAP implementation doesn't provide any mean to do authentication against an endpoint, and nah, not even a basic one.
Well I thought as this (writing Firefox extensions for protected SOAP Web Services) is not that uncommon situation I may get a good amount of information by Googling, but nothing catchy comes there in results except a thread at netscape.public.mozilla.xml where I found two solutions, one was submitting username/password pair together with URL, and the other one was to make an XHR connection to the endpoint (XMLHttpRequest implementation let you provide login/password for a basic authentication), and as Mozilla remembers that for the browser session, you're there.
The first solution is hmm ... horrible! And the second one, I didn't manage to get it to work.
So I started wondering in other possible ways to overcome this, and guess what? It was damn easy!
You just need to set Authorization header in HTTP request (which is base64 encoded of login:password), but just for that particular endpoint, and how?
You need to use nsIHttpChannel in conjugation with nsIObserverService, register it right before invoking the SOAPCall, and (don't forget to!) unregister it when the call is done, that's it.
Well, it took me an hour to come up with this, and I'm writing it in hopes save someone else "one hour".

Ohloh API

nospam@example.com (Amir Mohammad Saied) — Sat, 24 Nov 2007 03:16:04 -0500

It's a while since I started using Ohloh API for the facebook app I mentioned in earlier post.
It's a REST-based one with well structured URIs, the only thing that could be implemented better (from the definitions perspective), is the way Ohloh let you know what happened to your request, the response status.
It's now represented in entity-body (<response><status>....</status>...</response>), but IMO using ``HTTP Response Code'' would be a better choice when you're talking about a RESTful web service, data transmitting over HTTP without an additional messaging layer.

I'm Persian - Web Services

Calling protected SOAP from Mozilla

Ohloh API