使用before_invocation进行验证调用权限
API
class BlogApi < ActionWebService::API::Base api_method :hello_world, :expects => [{"password" => :string},{"user" => :string}], :returns => [:string] end
Controller
class BlogController < ApplicationController wsdl_service_name 'Blog' web_service_api BlogApi wsdl_namespace 'http://www.somewhere.com' #web service的名字空间 web_service_scaffold :invoke before_invocation :login #指定拦截的方法名称 def hello_world(pass,user) "hello #{user}" end protected def login(methodname,args) #参数为被拦截函数名,被拦截函数参数数组 raise "Method #{methodname} Not authenticated" unless args[0] == 'srcret' end end