[spyne] Generating wsdl by IP address and another criteria

Burak Arslan burak.arslan at arskom.com.tr
Tue Sep 2 13:44:01 UTC 2014

Hi there :)

On 09/02/14 09:32, Михаил Начаров wrote:
> Hello Burak!
> 1. I'm wondering is there a way to generate wsdl at runtime depending
> on client IP-address? I have checked this by myself in source code of
> this powerful library, but haven't find a way to do that.
> 2. If there is no way to do that, can we generate wsdl once per client
> automatically?
> Main purpose of this generation thing is to have all our web-services
> for all consumers in one project, but give them wsdl with only
> necessary services.

I assume you're already aware of this but still: I'd do the IP-based
access check in the methods themselves instead of giving them a partial
WSDL document, because if the client manages to guess or gets hold of
the wsdl document generated for a peer with access to other methods,
Spyne won't remember which ip has which wsdl and will answer its query

Having said that, here's how I think you should implement this:

First, you need a way to tag the methods (e.g. which ip gets which
method). You can use set @rpc's _udp argument[1] to any object. You can
store this information there.

I have just committed a hook for you to override[2]. You need to
subclass Interface and override check_method with something along the
lines of:

    if not (self.ip_address in method.descriptor.udp.ip_addresses):
        return False
    return True

where ip_address comes as an argument to your Interface subclass' ctor.

Assuming you're using WsgiApplication, you need to subclass it and
override handle_wsdl_request.

>From inside your new WsgiApplication, you must do something along the
lines of:

    interface = Interface(app, ip_address=ip_address)
    return Wsdl11(interface).build_interface_document()

I can't remember how all this was tied together off the top of my head,
but you get the idea.

I hope this helps.

Best regards,

[1]: http://spyne.io/docs/2.10/reference/decorator.html#spyne.decorator.rpc

More information about the people mailing list