Yii Framework Forum: Authentication & Web Service - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Authentication & Web Service web services, authentication Rate Topic: -----

#1 User is offline   tombrown 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 19
  • Joined: 17-March 09

Posted 04 February 2010 - 12:13 PM

Hello,

I wondered if anyone could suggest the best way to go about providing a web service which shares the same authentication process as the web site (sharing the same webapp).

Basically I have a Controller which uses a UserIdentity to authenticate and authorize, and I was hoping to extend this class to provide similar actions (services) for SOAP users.

So the first "service" I guess would be to Login, and I assume I would somehow need to return a session id in the (successful) response. I'm not sure how I would use the session id along with the UserIdentity class to authenticate each time the user makes a service req..

All this stuff is done automatically with browser-webapp communication using cookie data, I'm not sure if I am making a mistake in trying to use this stateless architecture in such a way, if it is not advised then the user could simply supply login data with each req.

Tom
0

#2 User is offline   tombrown 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 19
  • Joined: 17-March 09

Posted 06 February 2010 - 07:58 AM

Does anyone know if this is even possible?

I have seen services online which use the method of returning a SESSION_ID after authentication. I think it is possible with PHP but I don't know how to incorporate this into the work I am doing with this framework.

:-(
0

#3 User is offline   tri 

  • Elite Member
  • Yii
  • Group: Moderators
  • Posts: 1,651
  • Joined: 20-November 08
  • Location:Stockholm, Sweden

Posted 06 February 2010 - 09:24 AM

View Posttombrown, on 06 February 2010 - 07:58 AM, said:

Does anyone know if this is even possible?

I have seen services online which use the method of returning a SESSION_ID after authentication. I think it is possible with PHP but I don't know how to incorporate this into the work I am doing with this framework.

:-(


I did some testing...

  $client = new SoapClient('http://somehost/index.php?r=item/itemsWS');
  $status = $client->login('demo', 'demo');
  if ($status)
  {
    $data = $client->getCurrentItems();
    show($data);
  }
  else
    echo 'Not logged in<br>';


You have to add a CookieContainer if you use a .NET client.

Whether best practice or not, I can't tell.

/Tommy
Don't forget to read The Definitive Guide to Yii (en) (sv) | The class reference has the details
0

#4 User is offline   tri 

  • Elite Member
  • Yii
  • Group: Moderators
  • Posts: 1,651
  • Joined: 20-November 08
  • Location:Stockholm, Sweden

Posted 08 February 2010 - 11:23 AM

It seems like my web service tests no longer run.
(It was a long time since I previously tried it out.)

Might also be related to this issue
http://code.google.c...etail?id=908#c1

Edit:
It turns out the problem was related to recent entry script hiding and path format url's.

/Tommy

This post has been edited by tri: 08 February 2010 - 12:27 PM

Don't forget to read The Definitive Guide to Yii (en) (sv) | The class reference has the details
0

#5 User is offline   tombrown 

  • Newbie
  • Yii
  • Group: Members
  • Posts: 19
  • Joined: 17-March 09

Posted 09 February 2010 - 07:08 AM

I am still trying to achieve this. But I have some new hope.

My client is now able to get the PHPSESSID from the response and the SOAP server code is set up to login (as usual) using UserIdentity etc.

But, for some reason, the logged in session is not maintained when the client makes its next request.

(Even though it is passing in the PHPSESSID as a cookie).

I don't know what else the yiiframework (or maybe PHP?) needs to authenticate and restore the logged in session.
Has anyone ran into this?


Edit: I will create a new thread for this question..
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users