堆栈内存溢出
  简体   繁体   English

Zend_Soap_Server或Zend_XmlRpc_Server

[英]Zend_Soap_Server or Zend_XmlRpc_Server

 原文  2014-07-30 12:29:01       php/ zend-framework/ soap/ zend-soap/ zend-xmlrpc

问题描述

I need to implement webservice for a mobile application. 我需要为移动应用程序实现Web服务。 I am using Zend Framework. 我正在使用Zend Framework。 I know we have Zend_Soap_Server and Zend_XmlRpc_Server . 我知道我们有Zend_Soap_ServerZend_XmlRpc_Server Which should I prefer. 我应该选哪个。 Client is concern about security. 客户担心安全性。 After reading here I think it is SOAP. 这里阅读后我认为它是SOAP。 But when to use Zend_XmlRpc. 但是何时使用Zend_XmlRpc。

1 个解决方案

解决方案1
 0  2014-07-31 03:22:50

IMO you should consider providing a simple REST API, as it is much simpler than SOAP, which is generally preferred over XML-RPC. IMO,您应该考虑提供一个简单的REST API,因为它比SOAP更简单,而SOAP通常比XML-RPC更受欢迎。 You can build RESTful controllers fairly easily within Zend Framework. 您可以在Zend Framework中相当轻松地构建RESTful控制器。

Neither Zend_Soap_Server or Zend_SmlRpc_Server will address your security concerns. Zend_Soap_ServerZend_SmlRpc_Server都无法解决您的安全问题。 All three options (those two as well as the REST approach) are only concerned with the structure of the data being passed between the client and the server. 所有这三个选项(这两个以及REST方法)仅与在客户端和服务器之间传递的数据的结构有关。

Security is mainly related to the following two concerns: 安全性主要涉及以下两个方面:

  • Authentication - you will need to implement some way of knowing that when a client connects to the server, they are a legitimate client and not some imposter/hacker. 身份验证-您将需要采取某种方式来知道客户端连接到服务器时,它们是合法客户端,而不是冒名顶替者/黑客。 This can be done with HTTP authentication, inclusion of a token in the protocol, OAUTH or some other means. 这可以通过HTTP身份验证,在协议中包含令牌, OAUTH或其他某种方式来完成。

  • Transport security - That is, stopping people from sniffing the traffic between the client and the server. 传输安全性-即阻止人们嗅探客户端和服务器之间的流量。 Exposing the Web Service via SSL addresses this concern. 通过SSL公开Web服务解决了这一问题。

There may be other security concerns specific to the application protocol, DOS attacks, etc, but the two listed above are the common ones that most people would address first. 应用协议,DOS攻击等可能还存在其他安全问题,但是上面列出的两个是大多数人首先要解决的常见问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Zend_Soap_Server返回一个空的肥皂消息 - Zend_Soap_Server returns an empty soap message 如何使用SoapServer,NuSoap或ZEND_SOAP_SERVER发送RAW Soap - How to send RAW Soap with SoapServer, NuSoap or ZEND_SOAP_SERVER zend_soap_server utf-8编码不起作用 - zend_soap_server utf-8 encoding does not work Zend_Soap_Server / Client不起作用。 返回“看起来好像我们没有XML文档” - Zend_Soap_Server/Client doesn't work. Returns “looks like we got no XML document” Zend Soap服务器示例 - Zend Soap server example Zend Soap Server / WSDL - Zend Soap Server / WSDL Zend SOAP服务器日志记录功能 - Zend SOAP Server logging feature Zend_Soap及其附件(服务器) - Zend_Soap with attachments (server) 对.NET SOAP Server的PHP-Zend Soap请求 - PHP - Zend Soap Request to .NET SOAP Server 带有wsdl的Zend Soap Server-禁止使用403 - Zend Soap Server with wsdl - 403 Forbidden
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM